Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-10735 (GCVE-0-2016-10735)
Vulnerability from cvelistv5
Published
2019-01-09 05:00
Modified
2024-08-06 03:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:30:20.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/twbs/bootstrap/pull/26460"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/twbs/bootstrap/issues/20184"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/twbs/bootstrap/pull/23687"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/twbs/bootstrap/pull/23679"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/"
},
{
"name": "RHSA-2019:1456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
},
{
"name": "RHBA-2019:1076",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHBA-2019:1076"
},
{
"name": "RHBA-2019:1570",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
},
{
"name": "RHSA-2019:3023",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
},
{
"name": "RHSA-2020:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
},
{
"name": "RHSA-2020:0133",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2021-14"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-01-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-22T17:06:28",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/twbs/bootstrap/pull/26460"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/twbs/bootstrap/issues/20184"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/twbs/bootstrap/pull/23687"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/twbs/bootstrap/pull/23679"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/"
},
{
"name": "RHSA-2019:1456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
},
{
"name": "RHBA-2019:1076",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHBA-2019:1076"
},
{
"name": "RHBA-2019:1570",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
},
{
"name": "RHSA-2019:3023",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
},
{
"name": "RHSA-2020:0132",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
},
{
"name": "RHSA-2020:0133",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.tenable.com/security/tns-2021-14"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10735",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906",
"refsource": "MISC",
"url": "https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906"
},
{
"name": "https://github.com/twbs/bootstrap/pull/26460",
"refsource": "MISC",
"url": "https://github.com/twbs/bootstrap/pull/26460"
},
{
"name": "https://github.com/twbs/bootstrap/issues/20184",
"refsource": "MISC",
"url": "https://github.com/twbs/bootstrap/issues/20184"
},
{
"name": "https://github.com/twbs/bootstrap/pull/23687",
"refsource": "MISC",
"url": "https://github.com/twbs/bootstrap/pull/23687"
},
{
"name": "https://github.com/twbs/bootstrap/pull/23679",
"refsource": "MISC",
"url": "https://github.com/twbs/bootstrap/pull/23679"
},
{
"name": "https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/",
"refsource": "MISC",
"url": "https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/"
},
{
"name": "RHSA-2019:1456",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
},
{
"name": "RHBA-2019:1076",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2019:1076"
},
{
"name": "RHBA-2019:1570",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
},
{
"name": "RHSA-2019:3023",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
},
{
"name": "RHSA-2020:0132",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
},
{
"name": "RHSA-2020:0133",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
},
{
"name": "https://www.tenable.com/security/tns-2021-14",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2021-14"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-10735",
"datePublished": "2019-01-09T05:00:00",
"dateReserved": "2019-01-08T00:00:00",
"dateUpdated": "2024-08-06T03:30:20.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2016-10735\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-01-09T05:29:00.883\",\"lastModified\":\"2024-11-21T02:44:37.590\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.\"},{\"lang\":\"es\",\"value\":\"En las versiones de Bootstrap anteriores a la 3.4.0 y en las 4.x-beta anteriores a la 4.0.0-beta.2, Cross-Site Scripting (XSS) es posible en el atributo \\\"data-target\\\". Se trata de una vulnerabilidad diferente de CVE-2018-14041.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0.0\",\"versionEndExcluding\":\"3.4.0\",\"matchCriteriaId\":\"8497B424-E8CC-4FEF-844B-FE33F2C18E6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5E15817-0A5D-4C30-9A3C-F85F275E78DC\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHBA-2019:1076\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/errata/RHBA-2019:1570\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1456\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3023\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2020:0132\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2020:0133\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/twbs/bootstrap/issues/20184\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/twbs/bootstrap/pull/23679\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/twbs/bootstrap/pull/23687\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/twbs/bootstrap/pull/26460\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2021-14\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/errata/RHBA-2019:1076\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHBA-2019:1570\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1456\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3023\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2020:0132\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2020:0133\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/twbs/bootstrap/issues/20184\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/twbs/bootstrap/pull/23679\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/twbs/bootstrap/pull/23687\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/twbs/bootstrap/pull/26460\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2021-14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
rhsa-2023:0553
Vulnerability from csaf_redhat
Published
2023-01-31 13:12
Modified
2025-10-13 04:53
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jquery: Prototype pollution in object's prototype leading to denial of
service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute
(CVE-2018-14040)
* jquery: Untrusted code execution via <option> tag in HTML passed to DOM
manipulation methods (CVE-2020-11023)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method
(CVE-2020-11022)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy
(CVE-2018-14041)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability
(CVE-2022-45047)
* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of
Service attacks (CVE-2022-40152)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of
tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip or popover data-template attribute
(CVE-2019-8331)
* nodejs-moment: Regular expression denial of service (CVE-2017-18214)
* wildfly-elytron: possible timing attacks via use of unsafe comparator
(CVE-2022-3143)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS
(CVE-2022-42003)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jettison: memory exhaustion via user-supplied XML or JSON data
(CVE-2022-40150)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of\nservice, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute\n(CVE-2018-14040)\n\n* jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM\nmanipulation methods (CVE-2020-11023)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method\n(CVE-2020-11022)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy\n(CVE-2018-14041)\n\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability\n(CVE-2022-45047)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of\nService attacks (CVE-2022-40152)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of\ntooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute\n(CVE-2019-8331)\n\n* nodejs-moment: Regular expression denial of service (CVE-2017-18214)\n\n* wildfly-elytron: possible timing attacks via use of unsafe comparator\n(CVE-2022-3143)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS\n(CVE-2022-42003)\n\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data\n(CVE-2022-40150)\n\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0553",
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "JBEAP-23864",
"url": "https://issues.redhat.com/browse/JBEAP-23864"
},
{
"category": "external",
"summary": "JBEAP-23865",
"url": "https://issues.redhat.com/browse/JBEAP-23865"
},
{
"category": "external",
"summary": "JBEAP-23866",
"url": "https://issues.redhat.com/browse/JBEAP-23866"
},
{
"category": "external",
"summary": "JBEAP-23927",
"url": "https://issues.redhat.com/browse/JBEAP-23927"
},
{
"category": "external",
"summary": "JBEAP-24055",
"url": "https://issues.redhat.com/browse/JBEAP-24055"
},
{
"category": "external",
"summary": "JBEAP-24081",
"url": "https://issues.redhat.com/browse/JBEAP-24081"
},
{
"category": "external",
"summary": "JBEAP-24095",
"url": "https://issues.redhat.com/browse/JBEAP-24095"
},
{
"category": "external",
"summary": "JBEAP-24100",
"url": "https://issues.redhat.com/browse/JBEAP-24100"
},
{
"category": "external",
"summary": "JBEAP-24127",
"url": "https://issues.redhat.com/browse/JBEAP-24127"
},
{
"category": "external",
"summary": "JBEAP-24128",
"url": "https://issues.redhat.com/browse/JBEAP-24128"
},
{
"category": "external",
"summary": "JBEAP-24132",
"url": "https://issues.redhat.com/browse/JBEAP-24132"
},
{
"category": "external",
"summary": "JBEAP-24147",
"url": "https://issues.redhat.com/browse/JBEAP-24147"
},
{
"category": "external",
"summary": "JBEAP-24167",
"url": "https://issues.redhat.com/browse/JBEAP-24167"
},
{
"category": "external",
"summary": "JBEAP-24191",
"url": "https://issues.redhat.com/browse/JBEAP-24191"
},
{
"category": "external",
"summary": "JBEAP-24195",
"url": "https://issues.redhat.com/browse/JBEAP-24195"
},
{
"category": "external",
"summary": "JBEAP-24207",
"url": "https://issues.redhat.com/browse/JBEAP-24207"
},
{
"category": "external",
"summary": "JBEAP-24248",
"url": "https://issues.redhat.com/browse/JBEAP-24248"
},
{
"category": "external",
"summary": "JBEAP-24426",
"url": "https://issues.redhat.com/browse/JBEAP-24426"
},
{
"category": "external",
"summary": "JBEAP-24427",
"url": "https://issues.redhat.com/browse/JBEAP-24427"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0553.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update",
"tracking": {
"current_release_date": "2025-10-13T04:53:23+00:00",
"generator": {
"date": "2025-10-13T04:53:23+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2023:0553",
"initial_release_date": "2023-01-31T13:12:13+00:00",
"revision_history": [
{
"date": "2023-01-31T13:12:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-31T13:12:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-13T04:53:23+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.9.3-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.12.7-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.9.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria-enterprise@1.0.1-3.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jgroups@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jms@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-engine@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-orm@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-serialization-avro@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.16-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-24.Final_redhat_00023.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-24.Final_redhat_00023.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.9-4.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.9-4.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2017-18214",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-03-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1553413"
}
],
"notes": [
{
"category": "description",
"text": "The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-moment: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of momentjs as shipped with Red Hat Enterprise Satellite 5. Red Hat Product Security has rated this issue as having security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.\n\nIn Quay 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-18214"
},
{
"category": "external",
"summary": "RHBZ#1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-18214",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18214"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214"
}
],
"release_date": "2017-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-moment: Regular expression denial of service"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14041",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14041"
},
{
"category": "external",
"summary": "RHBZ#1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nStatic code analysis controls ensure that security flaws, including XSS vulnerabilities, are detected early in development by scanning code for improper input handling. This prevents vulnerable code from reaching production and encourages our developers to follow secure coding practices. System monitoring controls play a crucial role in detecting and responding to XSS attacks by analyzing logs, monitoring user behavior, and generating alerts for suspicious activity. Meanwhile, AWS WAF (Web Application Firewall) adds an extra layer of defense by filtering and blocking malicious input before it reaches the platform and/or application. Together, these controls create a defense-in-depth approach, reducing the risk of XSS exploitation by preventing, detecting, and mitigating attacks at multiple levels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2022-3143",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124682"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: possible timing attacks via use of unsafe comparator",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3143"
},
{
"category": "external",
"summary": "RHBZ#2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: possible timing attacks via use of unsafe comparator"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40152"
},
{
"category": "external",
"summary": "RHBZ#2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4",
"url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "CXF: SSRF Vulnerability"
}
]
}
RHBA-2019:4199
Vulnerability from csaf_redhat
Published
2019-12-12 13:34
Modified
2025-10-10 01:33
Summary
Red Hat Bug Fix Advisory: CloudForms 5.0 bug fix and enhancement update
Notes
Topic
An update is now available for CloudForms Management Engine 5.11.
Details
Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller (MVC) framework for web application development. Action Pack implements the controller and the view components.
This update fixes various bugs and adds enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for CloudForms Management Engine 5.11.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller (MVC) framework for web application development. Action Pack implements the controller and the view components.\n\nThis update fixes various bugs and adds enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2019:4199",
"url": "https://access.redhat.com/errata/RHBA-2019:4199"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_cloudforms/5.0/html/release_notes",
"url": "https://access.redhat.com/documentation/en-us/red_hat_cloudforms/5.0/html/release_notes"
},
{
"category": "external",
"summary": "1295839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1295839"
},
{
"category": "external",
"summary": "1314875",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1314875"
},
{
"category": "external",
"summary": "1402112",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402112"
},
{
"category": "external",
"summary": "1415106",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1415106"
},
{
"category": "external",
"summary": "1429540",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429540"
},
{
"category": "external",
"summary": "1430159",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1430159"
},
{
"category": "external",
"summary": "1440191",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1440191"
},
{
"category": "external",
"summary": "1445717",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1445717"
},
{
"category": "external",
"summary": "1447170",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1447170"
},
{
"category": "external",
"summary": "1455145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1455145"
},
{
"category": "external",
"summary": "1460798",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1460798"
},
{
"category": "external",
"summary": "1461487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461487"
},
{
"category": "external",
"summary": "1469035",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1469035"
},
{
"category": "external",
"summary": "1475616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1475616"
},
{
"category": "external",
"summary": "1480819",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480819"
},
{
"category": "external",
"summary": "1486765",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1486765"
},
{
"category": "external",
"summary": "1487178",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1487178"
},
{
"category": "external",
"summary": "1498996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498996"
},
{
"category": "external",
"summary": "1504155",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1504155"
},
{
"category": "external",
"summary": "1507011",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1507011"
},
{
"category": "external",
"summary": "1515952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1515952"
},
{
"category": "external",
"summary": "1516838",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1516838"
},
{
"category": "external",
"summary": "1516912",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1516912"
},
{
"category": "external",
"summary": "1518613",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1518613"
},
{
"category": "external",
"summary": "1519359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1519359"
},
{
"category": "external",
"summary": "1525835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525835"
},
{
"category": "external",
"summary": "1527695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1527695"
},
{
"category": "external",
"summary": "1528984",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528984"
},
{
"category": "external",
"summary": "1532720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1532720"
},
{
"category": "external",
"summary": "1533263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533263"
},
{
"category": "external",
"summary": "1534529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534529"
},
{
"category": "external",
"summary": "1534539",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534539"
},
{
"category": "external",
"summary": "1535215",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535215"
},
{
"category": "external",
"summary": "1535782",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535782"
},
{
"category": "external",
"summary": "1535928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535928"
},
{
"category": "external",
"summary": "1540058",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540058"
},
{
"category": "external",
"summary": "1543007",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1543007"
},
{
"category": "external",
"summary": "1545942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1545942"
},
{
"category": "external",
"summary": "1546108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1546108"
},
{
"category": "external",
"summary": "1546927",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1546927"
},
{
"category": "external",
"summary": "1547081",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547081"
},
{
"category": "external",
"summary": "1549128",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549128"
},
{
"category": "external",
"summary": "1553846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553846"
},
{
"category": "external",
"summary": "1557488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1557488"
},
{
"category": "external",
"summary": "1559335",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559335"
},
{
"category": "external",
"summary": "1566600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1566600"
},
{
"category": "external",
"summary": "1573609",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1573609"
},
{
"category": "external",
"summary": "1574822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1574822"
},
{
"category": "external",
"summary": "1574823",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1574823"
},
{
"category": "external",
"summary": "1574824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1574824"
},
{
"category": "external",
"summary": "1574826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1574826"
},
{
"category": "external",
"summary": "1578076",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1578076"
},
{
"category": "external",
"summary": "1581817",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1581817"
},
{
"category": "external",
"summary": "1591797",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1591797"
},
{
"category": "external",
"summary": "1594381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1594381"
},
{
"category": "external",
"summary": "1594497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1594497"
},
{
"category": "external",
"summary": "1595259",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595259"
},
{
"category": "external",
"summary": "1595558",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595558"
},
{
"category": "external",
"summary": "1597125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1597125"
},
{
"category": "external",
"summary": "1600961",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1600961"
},
{
"category": "external",
"summary": "1602072",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1602072"
},
{
"category": "external",
"summary": "1608475",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1608475"
},
{
"category": "external",
"summary": "1609348",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1609348"
},
{
"category": "external",
"summary": "1609541",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1609541"
},
{
"category": "external",
"summary": "1614567",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1614567"
},
{
"category": "external",
"summary": "1623636",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1623636"
},
{
"category": "external",
"summary": "1628228",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1628228"
},
{
"category": "external",
"summary": "1630040",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1630040"
},
{
"category": "external",
"summary": "1631845",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1631845"
},
{
"category": "external",
"summary": "1632718",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1632718"
},
{
"category": "external",
"summary": "1633867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1633867"
},
{
"category": "external",
"summary": "1634794",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1634794"
},
{
"category": "external",
"summary": "1638245",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1638245"
},
{
"category": "external",
"summary": "1638390",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1638390"
},
{
"category": "external",
"summary": "1639387",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1639387"
},
{
"category": "external",
"summary": "1641905",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1641905"
},
{
"category": "external",
"summary": "1643331",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1643331"
},
{
"category": "external",
"summary": "1645041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1645041"
},
{
"category": "external",
"summary": "1645193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1645193"
},
{
"category": "external",
"summary": "1646562",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646562"
},
{
"category": "external",
"summary": "1649280",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649280"
},
{
"category": "external",
"summary": "1650104",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650104"
},
{
"category": "external",
"summary": "1650117",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650117"
},
{
"category": "external",
"summary": "1650294",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650294"
},
{
"category": "external",
"summary": "1650396",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650396"
},
{
"category": "external",
"summary": "1650418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650418"
},
{
"category": "external",
"summary": "1650484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650484"
},
{
"category": "external",
"summary": "1650501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650501"
},
{
"category": "external",
"summary": "1650506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650506"
},
{
"category": "external",
"summary": "1650559",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650559"
},
{
"category": "external",
"summary": "1652577",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1652577"
},
{
"category": "external",
"summary": "1652858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1652858"
},
{
"category": "external",
"summary": "1653772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1653772"
},
{
"category": "external",
"summary": "1653779",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1653779"
},
{
"category": "external",
"summary": "1653787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1653787"
},
{
"category": "external",
"summary": "1653800",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1653800"
},
{
"category": "external",
"summary": "1654511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1654511"
},
{
"category": "external",
"summary": "1655114",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1655114"
},
{
"category": "external",
"summary": "1655495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1655495"
},
{
"category": "external",
"summary": "1655794",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1655794"
},
{
"category": "external",
"summary": "1655977",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1655977"
},
{
"category": "external",
"summary": "1656318",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1656318"
},
{
"category": "external",
"summary": "1656371",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1656371"
},
{
"category": "external",
"summary": "1656722",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1656722"
},
{
"category": "external",
"summary": "1656734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1656734"
},
{
"category": "external",
"summary": "1656838",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1656838"
},
{
"category": "external",
"summary": "1658906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1658906"
},
{
"category": "external",
"summary": "1659088",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1659088"
},
{
"category": "external",
"summary": "1659452",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1659452"
},
{
"category": "external",
"summary": "1660163",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660163"
},
{
"category": "external",
"summary": "1662991",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1662991"
},
{
"category": "external",
"summary": "1663562",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663562"
},
{
"category": "external",
"summary": "1663972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663972"
},
{
"category": "external",
"summary": "1664852",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1664852"
},
{
"category": "external",
"summary": "1664886",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1664886"
},
{
"category": "external",
"summary": "1664888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1664888"
},
{
"category": "external",
"summary": "1667178",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1667178"
},
{
"category": "external",
"summary": "1668004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668004"
},
{
"category": "external",
"summary": "1668437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668437"
},
{
"category": "external",
"summary": "1669851",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1669851"
},
{
"category": "external",
"summary": "1669860",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1669860"
},
{
"category": "external",
"summary": "1669861",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1669861"
},
{
"category": "external",
"summary": "1669867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1669867"
},
{
"category": "external",
"summary": "1669868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1669868"
},
{
"category": "external",
"summary": "1670016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670016"
},
{
"category": "external",
"summary": "1670138",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670138"
},
{
"category": "external",
"summary": "1670150",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670150"
},
{
"category": "external",
"summary": "1670373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670373"
},
{
"category": "external",
"summary": "1670456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670456"
},
{
"category": "external",
"summary": "1670472",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670472"
},
{
"category": "external",
"summary": "1670604",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670604"
},
{
"category": "external",
"summary": "1671844",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671844"
},
{
"category": "external",
"summary": "1671909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671909"
},
{
"category": "external",
"summary": "1671911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671911"
},
{
"category": "external",
"summary": "1672437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672437"
},
{
"category": "external",
"summary": "1672689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672689"
},
{
"category": "external",
"summary": "1672933",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672933"
},
{
"category": "external",
"summary": "1672934",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672934"
},
{
"category": "external",
"summary": "1672937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672937"
},
{
"category": "external",
"summary": "1672949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672949"
},
{
"category": "external",
"summary": "1674055",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1674055"
},
{
"category": "external",
"summary": "1677258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677258"
},
{
"category": "external",
"summary": "1677548",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677548"
},
{
"category": "external",
"summary": "1677553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677553"
},
{
"category": "external",
"summary": "1677558",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677558"
},
{
"category": "external",
"summary": "1677560",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677560"
},
{
"category": "external",
"summary": "1677561",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677561"
},
{
"category": "external",
"summary": "1677571",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677571"
},
{
"category": "external",
"summary": "1677575",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677575"
},
{
"category": "external",
"summary": "1678046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678046"
},
{
"category": "external",
"summary": "1678047",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678047"
},
{
"category": "external",
"summary": "1678048",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678048"
},
{
"category": "external",
"summary": "1678122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678122"
},
{
"category": "external",
"summary": "1678123",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678123"
},
{
"category": "external",
"summary": "1678132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678132"
},
{
"category": "external",
"summary": "1678135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678135"
},
{
"category": "external",
"summary": "1678136",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678136"
},
{
"category": "external",
"summary": "1678142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678142"
},
{
"category": "external",
"summary": "1678149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678149"
},
{
"category": "external",
"summary": "1678150",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678150"
},
{
"category": "external",
"summary": "1678151",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678151"
},
{
"category": "external",
"summary": "1678190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678190"
},
{
"category": "external",
"summary": "1678192",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678192"
},
{
"category": "external",
"summary": "1678194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678194"
},
{
"category": "external",
"summary": "1678196",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678196"
},
{
"category": "external",
"summary": "1680525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1680525"
},
{
"category": "external",
"summary": "1683697",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1683697"
},
{
"category": "external",
"summary": "1684226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1684226"
},
{
"category": "external",
"summary": "1684567",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1684567"
},
{
"category": "external",
"summary": "1684575",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1684575"
},
{
"category": "external",
"summary": "1684681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1684681"
},
{
"category": "external",
"summary": "1685063",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1685063"
},
{
"category": "external",
"summary": "1685266",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1685266"
},
{
"category": "external",
"summary": "1686076",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686076"
},
{
"category": "external",
"summary": "1686617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686617"
},
{
"category": "external",
"summary": "1686619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686619"
},
{
"category": "external",
"summary": "1686762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686762"
},
{
"category": "external",
"summary": "1687059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1687059"
},
{
"category": "external",
"summary": "1687086",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1687086"
},
{
"category": "external",
"summary": "1687597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1687597"
},
{
"category": "external",
"summary": "1688359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1688359"
},
{
"category": "external",
"summary": "1688370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1688370"
},
{
"category": "external",
"summary": "1689369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1689369"
},
{
"category": "external",
"summary": "1690508",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690508"
},
{
"category": "external",
"summary": "1690572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690572"
},
{
"category": "external",
"summary": "1692537",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1692537"
},
{
"category": "external",
"summary": "1692853",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1692853"
},
{
"category": "external",
"summary": "1693362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1693362"
},
{
"category": "external",
"summary": "1693994",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1693994"
},
{
"category": "external",
"summary": "1695008",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695008"
},
{
"category": "external",
"summary": "1695219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695219"
},
{
"category": "external",
"summary": "1695566",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695566"
},
{
"category": "external",
"summary": "1697467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1697467"
},
{
"category": "external",
"summary": "1698184",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1698184"
},
{
"category": "external",
"summary": "1698193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1698193"
},
{
"category": "external",
"summary": "1700070",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1700070"
},
{
"category": "external",
"summary": "1704835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1704835"
},
{
"category": "external",
"summary": "1705105",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1705105"
},
{
"category": "external",
"summary": "1706764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1706764"
},
{
"category": "external",
"summary": "1707328",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1707328"
},
{
"category": "external",
"summary": "1707537",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1707537"
},
{
"category": "external",
"summary": "1707961",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1707961"
},
{
"category": "external",
"summary": "1708203",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1708203"
},
{
"category": "external",
"summary": "1709957",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1709957"
},
{
"category": "external",
"summary": "1710599",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710599"
},
{
"category": "external",
"summary": "1710623",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710623"
},
{
"category": "external",
"summary": "1711855",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1711855"
},
{
"category": "external",
"summary": "1714185",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1714185"
},
{
"category": "external",
"summary": "1714197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1714197"
},
{
"category": "external",
"summary": "1716858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1716858"
},
{
"category": "external",
"summary": "1717695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1717695"
},
{
"category": "external",
"summary": "1717843",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1717843"
},
{
"category": "external",
"summary": "1718457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1718457"
},
{
"category": "external",
"summary": "1718495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1718495"
},
{
"category": "external",
"summary": "1718833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1718833"
},
{
"category": "external",
"summary": "1718858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1718858"
},
{
"category": "external",
"summary": "1719322",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1719322"
},
{
"category": "external",
"summary": "1719399",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1719399"
},
{
"category": "external",
"summary": "1720187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1720187"
},
{
"category": "external",
"summary": "1720640",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1720640"
},
{
"category": "external",
"summary": "1722197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1722197"
},
{
"category": "external",
"summary": "1723420",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1723420"
},
{
"category": "external",
"summary": "1723899",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1723899"
},
{
"category": "external",
"summary": "1724496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1724496"
},
{
"category": "external",
"summary": "1725838",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725838"
},
{
"category": "external",
"summary": "1726844",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1726844"
},
{
"category": "external",
"summary": "1727131",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1727131"
},
{
"category": "external",
"summary": "1728740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728740"
},
{
"category": "external",
"summary": "1728774",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728774"
},
{
"category": "external",
"summary": "1729265",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1729265"
},
{
"category": "external",
"summary": "1729953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1729953"
},
{
"category": "external",
"summary": "1730311",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730311"
},
{
"category": "external",
"summary": "1732808",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732808"
},
{
"category": "external",
"summary": "1738664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1738664"
},
{
"category": "external",
"summary": "1740691",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1740691"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhba-2019_4199.json"
}
],
"title": "Red Hat Bug Fix Advisory: CloudForms 5.0 bug fix and enhancement update",
"tracking": {
"current_release_date": "2025-10-10T01:33:49+00:00",
"generator": {
"date": "2025-10-10T01:33:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHBA-2019:4199",
"initial_release_date": "2019-12-12T13:34:43+00:00",
"revision_history": [
{
"date": "2019-12-12T13:34:43+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-12-12T13:34:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-10T01:33:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CloudForms Management Engine 5.11",
"product": {
"name": "CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat CloudForms"
},
{
"branches": [
{
"category": "product_version",
"name": "python-colorama-0:0.4.1-1.el8ost.src",
"product": {
"name": "python-colorama-0:0.4.1-1.el8ost.src",
"product_id": "python-colorama-0:0.4.1-1.el8ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-colorama@0.4.1-1.el8ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-funcsigs-0:1.0.2-3.el8ost.src",
"product": {
"name": "python-funcsigs-0:1.0.2-3.el8ost.src",
"product_id": "python-funcsigs-0:1.0.2-3.el8ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-funcsigs@1.0.2-3.el8ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-mock-0:2.0.0-11.el8ost.src",
"product": {
"name": "python-mock-0:2.0.0-11.el8ost.src",
"product_id": "python-mock-0:2.0.0-11.el8ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-mock@2.0.0-11.el8ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pbr-0:5.1.2-2.el8ost.src",
"product": {
"name": "python-pbr-0:5.1.2-2.el8ost.src",
"product_id": "python-pbr-0:5.1.2-2.el8ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pbr@5.1.2-2.el8ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-ffi-0:1.9.25-1.el8cf.src",
"product": {
"name": "rubygem-ffi-0:1.9.25-1.el8cf.src",
"product_id": "rubygem-ffi-0:1.9.25-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ffi@1.9.25-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-hamlit-0:2.8.10-1.el8cf.src",
"product": {
"name": "rubygem-hamlit-0:2.8.10-1.el8cf.src",
"product_id": "rubygem-hamlit-0:2.8.10-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-hamlit@2.8.10-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"product": {
"name": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"product_id": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-http_parser.rb@0.6.0-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"product": {
"name": "rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"product_id": "rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-linux_block_device@0.2.1-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"product": {
"name": "rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"product_id": "rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-memory_buffer@0.1.0-2.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"product": {
"name": "rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"product_id": "rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nokogiri@1.8.5-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-puma-0:3.7.1-1.el8cf.src",
"product": {
"name": "rubygem-puma-0:3.7.1-1.el8cf.src",
"product_id": "rubygem-puma-0:3.7.1-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-puma@3.7.1-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-sassc-0:2.0.1-1.el8cf.src",
"product": {
"name": "rubygem-sassc-0:2.0.1-1.el8cf.src",
"product_id": "rubygem-sassc-0:2.0.1-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sassc@2.0.1-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"product": {
"name": "rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"product_id": "rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sqlite3@1.3.13-2.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"product": {
"name": "rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"product_id": "rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-surro-gate@1.0.5-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"product": {
"name": "rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"product_id": "rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-websocket-driver@0.6.5-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "smem-0:1.4-1.el8cf.src",
"product": {
"name": "smem-0:1.4-1.el8cf.src",
"product_id": "smem-0:1.4-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/smem@1.4-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "wmi-0:1.3.14-8.el8cf.src",
"product": {
"name": "wmi-0:1.3.14-8.el8cf.src",
"product_id": "wmi-0:1.3.14-8.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/wmi@1.3.14-8.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-future-0:0.16.0-1.el8cf.src",
"product": {
"name": "python-future-0:0.16.0-1.el8cf.src",
"product_id": "python-future-0:0.16.0-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-future@0.16.0-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-bambou-0:3.0.1-2.el8cf.src",
"product": {
"name": "python-bambou-0:3.0.1-2.el8cf.src",
"product_id": "python-bambou-0:3.0.1-2.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-bambou@3.0.1-2.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"product": {
"name": "python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"product_id": "python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-requests-toolbelt@0.8.0-2.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pylxca-0:2.1.1-2.el8cf.src",
"product": {
"name": "python-pylxca-0:2.1.1-2.el8cf.src",
"product_id": "python-pylxca-0:2.1.1-2.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pylxca@2.1.1-2.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-tabulate-0:0.8.2-1.el8cf.src",
"product": {
"name": "python-tabulate-0:0.8.2-1.el8cf.src",
"product_id": "python-tabulate-0:0.8.2-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tabulate@0.8.2-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-vspk-0:5.3.2-2.el8cf.src",
"product": {
"name": "python-vspk-0:5.3.2-2.el8cf.src",
"product_id": "python-vspk-0:5.3.2-2.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-vspk@5.3.2-2.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "prince-0:12.4-1.el8cf.src",
"product": {
"name": "prince-0:12.4-1.el8cf.src",
"product_id": "prince-0:12.4-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prince@12.4-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "ansible-runner-0:1.3.4-2.el8ar.src",
"product": {
"name": "ansible-runner-0:1.3.4-2.el8ar.src",
"product_id": "ansible-runner-0:1.3.4-2.el8ar.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-runner@1.3.4-2.el8ar?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-daemon-0:2.1.2-9.el8ar.src",
"product": {
"name": "python-daemon-0:2.1.2-9.el8ar.src",
"product_id": "python-daemon-0:2.1.2-9.el8ar.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-daemon@2.1.2-9.el8ar?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pexpect-0:4.6-2.el8ar.src",
"product": {
"name": "python-pexpect-0:4.6-2.el8ar.src",
"product_id": "python-pexpect-0:4.6-2.el8ar.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pexpect@4.6-2.el8ar?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-psutil-0:5.4.3-5.el8ar.src",
"product": {
"name": "python-psutil-0:5.4.3-5.el8ar.src",
"product_id": "python-psutil-0:5.4.3-5.el8ar.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-psutil@5.4.3-5.el8ar?arch=src"
}
}
},
{
"category": "product_version",
"name": "repmgr10-0:4.0.6-3.el8cf.src",
"product": {
"name": "repmgr10-0:4.0.6-3.el8cf.src",
"product_id": "repmgr10-0:4.0.6-3.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/repmgr10@4.0.6-3.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-0:0.28.0-1.el8.src",
"product": {
"name": "qpid-proton-0:0.28.0-1.el8.src",
"product_id": "qpid-proton-0:0.28.0-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton@0.28.0-1.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"product": {
"name": "rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"product_id": "rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-qpid_proton@0.26.0-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"product": {
"name": "rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"product_id": "rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-escape_utils@1.2.1-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "v2v-conversion-host-0:1.14.2-1.el8ev.src",
"product": {
"name": "v2v-conversion-host-0:1.14.2-1.el8ev.src",
"product_id": "v2v-conversion-host-0:1.14.2-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v2v-conversion-host@1.14.2-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-lockfile-1:0.11.0-8.el8ar.src",
"product": {
"name": "python-lockfile-1:0.11.0-8.el8ar.src",
"product_id": "python-lockfile-1:0.11.0-8.el8ar.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-lockfile@0.11.0-8.el8ar?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"product": {
"name": "rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"product_id": "rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-bcrypt@3.1.13-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-nio4r-0:2.4.0-1.el8cf.src",
"product": {
"name": "rubygem-nio4r-0:2.4.0-1.el8cf.src",
"product_id": "rubygem-nio4r-0:2.4.0-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nio4r@2.4.0-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"product": {
"name": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"product_id": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-unf_ext@0.0.7.6-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-byebug-0:11.0.1-1.el8cf.src",
"product": {
"name": "rubygem-byebug-0:11.0.1-1.el8cf.src",
"product_id": "rubygem-byebug-0:11.0.1-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-byebug@11.0.1-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"product": {
"name": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"product_id": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-cluster-upgrade@1.1.13-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"product": {
"name": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"product_id": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-disaster-recovery@1.2.0-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"product": {
"name": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"product_id": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-engine-setup@1.1.9-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"product": {
"name": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"product_id": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-hosted-engine-setup@1.0.26-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"product": {
"name": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"product_id": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-image-template@1.1.11-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"product": {
"name": "ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"product_id": "ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-infra@1.1.12-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"product": {
"name": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"product_id": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-manageiq@1.1.14-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"product": {
"name": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"product_id": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-repositories@1.1.5-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"product": {
"name": "ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"product_id": "ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-roles@1.1.7-2.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"product": {
"name": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"product_id": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-shutdown-env@1.0.3-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"product": {
"name": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"product_id": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-vm-infra@1.1.19-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"product": {
"name": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"product_id": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ovirt-engine-sdk4@4.3.2-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-rugged-0:0.28.2-1.el8cf.src",
"product": {
"name": "rubygem-rugged-0:0.28.2-1.el8cf.src",
"product_id": "rubygem-rugged-0:0.28.2-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rugged@0.28.2-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"product": {
"name": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"product_id": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4@4.3.0-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "cfme-gemset-0:5.11.0.28-1.el8cf.src",
"product": {
"name": "cfme-gemset-0:5.11.0.28-1.el8cf.src",
"product_id": "cfme-gemset-0:5.11.0.28-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-gemset@5.11.0.28-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "cfme-appliance-0:5.11.0.28-1.el8cf.src",
"product": {
"name": "cfme-appliance-0:5.11.0.28-1.el8cf.src",
"product_id": "cfme-appliance-0:5.11.0.28-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-appliance@5.11.0.28-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "cfme-0:5.11.0.28-1.el8cf.src",
"product": {
"name": "cfme-0:5.11.0.28-1.el8cf.src",
"product_id": "cfme-0:5.11.0.28-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme@5.11.0.28-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"product": {
"name": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"product_id": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-amazon-smartstate@5.11.0.28-1.el8cf?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-colorama-0:0.4.1-1.el8ost.noarch",
"product": {
"name": "python3-colorama-0:0.4.1-1.el8ost.noarch",
"product_id": "python3-colorama-0:0.4.1-1.el8ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-colorama@0.4.1-1.el8ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"product": {
"name": "python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"product_id": "python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-funcsigs@1.0.2-3.el8ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-mock-0:2.0.0-11.el8ost.noarch",
"product": {
"name": "python3-mock-0:2.0.0-11.el8ost.noarch",
"product_id": "python3-mock-0:2.0.0-11.el8ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-mock@2.0.0-11.el8ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-pbr-0:5.1.2-2.el8ost.noarch",
"product": {
"name": "python3-pbr-0:5.1.2-2.el8ost.noarch",
"product_id": "python3-pbr-0:5.1.2-2.el8ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pbr@5.1.2-2.el8ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"product": {
"name": "rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"product_id": "rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ffi-doc@1.9.25-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"product": {
"name": "rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"product_id": "rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-hamlit-doc@2.8.10-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"product": {
"name": "rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"product_id": "rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-http_parser.rb-doc@0.6.0-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"product": {
"name": "rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"product_id": "rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-linux_block_device-doc@0.2.1-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"product": {
"name": "rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"product_id": "rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-memory_buffer-doc@0.1.0-2.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"product": {
"name": "rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"product_id": "rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-puma-doc@3.7.1-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"product": {
"name": "rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"product_id": "rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sassc-doc@2.0.1-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"product": {
"name": "rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"product_id": "rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sqlite3-doc@1.3.13-2.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"product": {
"name": "rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"product_id": "rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-surro-gate-doc@1.0.5-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"product": {
"name": "rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"product_id": "rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-websocket-driver-doc@0.6.5-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "smem-0:1.4-1.el8cf.noarch",
"product": {
"name": "smem-0:1.4-1.el8cf.noarch",
"product_id": "smem-0:1.4-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/smem@1.4-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-future-0:0.16.0-1.el8cf.noarch",
"product": {
"name": "python3-future-0:0.16.0-1.el8cf.noarch",
"product_id": "python3-future-0:0.16.0-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-future@0.16.0-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-bambou-0:3.0.1-2.el8cf.noarch",
"product": {
"name": "python3-bambou-0:3.0.1-2.el8cf.noarch",
"product_id": "python3-bambou-0:3.0.1-2.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-bambou@3.0.1-2.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"product": {
"name": "python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"product_id": "python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-requests-toolbelt@0.8.0-2.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-pylxca-0:2.1.1-2.el8cf.noarch",
"product": {
"name": "python3-pylxca-0:2.1.1-2.el8cf.noarch",
"product_id": "python3-pylxca-0:2.1.1-2.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pylxca@2.1.1-2.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-tabulate-0:0.8.2-1.el8cf.noarch",
"product": {
"name": "python3-tabulate-0:0.8.2-1.el8cf.noarch",
"product_id": "python3-tabulate-0:0.8.2-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tabulate@0.8.2-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-vspk-0:5.3.2-2.el8cf.noarch",
"product": {
"name": "python3-vspk-0:5.3.2-2.el8cf.noarch",
"product_id": "python3-vspk-0:5.3.2-2.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-vspk@5.3.2-2.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ansible-runner-0:1.3.4-2.el8ar.noarch",
"product": {
"name": "ansible-runner-0:1.3.4-2.el8ar.noarch",
"product_id": "ansible-runner-0:1.3.4-2.el8ar.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-runner@1.3.4-2.el8ar?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"product": {
"name": "python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"product_id": "python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ansible-runner@1.3.4-2.el8ar?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-daemon-0:2.1.2-9.el8ar.noarch",
"product": {
"name": "python3-daemon-0:2.1.2-9.el8ar.noarch",
"product_id": "python3-daemon-0:2.1.2-9.el8ar.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-daemon@2.1.2-9.el8ar?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-pexpect-0:4.6-2.el8ar.noarch",
"product": {
"name": "python3-pexpect-0:4.6-2.el8ar.noarch",
"product_id": "python3-pexpect-0:4.6-2.el8ar.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pexpect@4.6-2.el8ar?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"product": {
"name": "qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"product_id": "qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c-docs@0.28.0-1.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"product": {
"name": "rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"product_id": "rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-qpid_proton-doc@0.26.0-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"product": {
"name": "rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"product_id": "rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-escape_utils-doc@1.2.1-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"product": {
"name": "v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"product_id": "v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v2v-conversion-host-ansible@1.14.2-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-lockfile-1:0.11.0-8.el8ar.noarch",
"product": {
"name": "python3-lockfile-1:0.11.0-8.el8ar.noarch",
"product_id": "python3-lockfile-1:0.11.0-8.el8ar.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-lockfile@0.11.0-8.el8ar?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"product": {
"name": "rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"product_id": "rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-bcrypt-doc@3.1.13-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"product": {
"name": "rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"product_id": "rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nio4r-doc@2.4.0-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"product": {
"name": "rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"product_id": "rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-unf_ext-doc@0.0.7.6-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"product": {
"name": "rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"product_id": "rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-byebug-doc@11.0.1-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"product_id": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-cluster-upgrade@1.1.13-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"product_id": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-disaster-recovery@1.2.0-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"product_id": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-engine-setup@1.1.9-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"product_id": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-hosted-engine-setup@1.0.26-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"product_id": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-image-template@1.1.11-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"product_id": "ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-infra@1.1.12-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"product_id": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-manageiq@1.1.14-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"product_id": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-repositories@1.1.5-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"product": {
"name": "ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"product_id": "ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-roles@1.1.7-2.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"product_id": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-shutdown-env@1.0.3-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"product_id": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-vm-infra@1.1.19-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"product": {
"name": "rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"product_id": "rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rugged-doc@0.28.2-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"product": {
"name": "rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"product_id": "rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4-doc@4.3.0-1.el8cf?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"product": {
"name": "rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"product_id": "rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ffi@1.9.25-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"product": {
"name": "rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"product_id": "rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ffi-debugsource@1.9.25-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"product": {
"name": "rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"product_id": "rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ffi-debuginfo@1.9.25-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"product": {
"name": "rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"product_id": "rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-hamlit@2.8.10-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"product": {
"name": "rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"product_id": "rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-hamlit-debugsource@2.8.10-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"product": {
"name": "rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"product_id": "rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-hamlit-debuginfo@2.8.10-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"product_id": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-http_parser.rb@0.6.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"product_id": "rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-http_parser.rb-debugsource@0.6.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"product_id": "rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-http_parser.rb-debuginfo@0.6.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"product_id": "rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-linux_block_device@0.2.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"product_id": "rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-linux_block_device-debugsource@0.2.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"product_id": "rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-linux_block_device-debuginfo@0.2.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"product": {
"name": "rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"product_id": "rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-memory_buffer@0.1.0-2.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"product": {
"name": "rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"product_id": "rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-memory_buffer-debugsource@0.1.0-2.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"product": {
"name": "rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"product_id": "rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-memory_buffer-debuginfo@0.1.0-2.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"product_id": "rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nokogiri@1.8.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"product_id": "rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nokogiri-doc@1.8.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"product_id": "rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nokogiri-debugsource@1.8.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"product_id": "rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nokogiri-debuginfo@1.8.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"product_id": "rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-puma@3.7.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"product_id": "rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-puma-debugsource@3.7.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"product_id": "rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-puma-debuginfo@3.7.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"product_id": "rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sassc@2.0.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"product_id": "rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sassc-debugsource@2.0.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"product_id": "rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sassc-debuginfo@2.0.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"product": {
"name": "rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"product_id": "rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sqlite3@1.3.13-2.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"product": {
"name": "rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"product_id": "rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sqlite3-debugsource@1.3.13-2.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"product": {
"name": "rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"product_id": "rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sqlite3-debuginfo@1.3.13-2.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"product_id": "rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-surro-gate@1.0.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"product_id": "rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-surro-gate-debugsource@1.0.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"product_id": "rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-surro-gate-debuginfo@1.0.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"product_id": "rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-websocket-driver@0.6.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"product_id": "rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-websocket-driver-debugsource@0.6.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"product_id": "rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-websocket-driver-debuginfo@0.6.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "wmi-0:1.3.14-8.el8cf.x86_64",
"product": {
"name": "wmi-0:1.3.14-8.el8cf.x86_64",
"product_id": "wmi-0:1.3.14-8.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/wmi@1.3.14-8.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "wmi-debugsource-0:1.3.14-8.el8cf.x86_64",
"product": {
"name": "wmi-debugsource-0:1.3.14-8.el8cf.x86_64",
"product_id": "wmi-debugsource-0:1.3.14-8.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/wmi-debugsource@1.3.14-8.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"product": {
"name": "wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"product_id": "wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/wmi-debuginfo@1.3.14-8.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "prince-0:12.4-1.el8cf.x86_64",
"product": {
"name": "prince-0:12.4-1.el8cf.x86_64",
"product_id": "prince-0:12.4-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prince@12.4-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-psutil-0:5.4.3-5.el8ar.x86_64",
"product": {
"name": "python3-psutil-0:5.4.3-5.el8ar.x86_64",
"product_id": "python3-psutil-0:5.4.3-5.el8ar.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-psutil@5.4.3-5.el8ar?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"product": {
"name": "python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"product_id": "python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-psutil-debugsource@5.4.3-5.el8ar?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"product": {
"name": "python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"product_id": "python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-psutil-debuginfo@5.4.3-5.el8ar?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "repmgr10-0:4.0.6-3.el8cf.x86_64",
"product": {
"name": "repmgr10-0:4.0.6-3.el8cf.x86_64",
"product_id": "repmgr10-0:4.0.6-3.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/repmgr10@4.0.6-3.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"product": {
"name": "repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"product_id": "repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/repmgr10-debugsource@4.0.6-3.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"product": {
"name": "repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"product_id": "repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/repmgr10-debuginfo@4.0.6-3.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-0:0.28.0-1.el8.x86_64",
"product": {
"name": "qpid-proton-c-0:0.28.0-1.el8.x86_64",
"product_id": "qpid-proton-c-0:0.28.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c@0.28.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"product": {
"name": "qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"product_id": "qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c-devel@0.28.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"product": {
"name": "qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"product_id": "qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-debugsource@0.28.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"product": {
"name": "python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"product_id": "python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-qpid-proton-debuginfo@0.28.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"product": {
"name": "qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"product_id": "qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c-debuginfo@0.28.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"product": {
"name": "qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"product_id": "qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-cpp-debuginfo@0.28.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"product": {
"name": "qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"product_id": "qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-debuginfo@0.28.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"product_id": "rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-qpid_proton@0.26.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"product_id": "rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-qpid_proton-debugsource@0.26.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"product_id": "rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-qpid_proton-debuginfo@0.26.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"product_id": "rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-escape_utils@1.2.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"product_id": "rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-escape_utils-debugsource@1.2.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"product_id": "rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-escape_utils-debuginfo@1.2.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"product": {
"name": "rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"product_id": "rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-bcrypt@3.1.13-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"product": {
"name": "rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"product_id": "rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-bcrypt-debugsource@3.1.13-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"product": {
"name": "rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"product_id": "rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-bcrypt-debuginfo@3.1.13-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"product_id": "rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nio4r@2.4.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"product_id": "rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nio4r-debugsource@2.4.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"product_id": "rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nio4r-debuginfo@2.4.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"product": {
"name": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"product_id": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-unf_ext@0.0.7.6-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"product": {
"name": "rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"product_id": "rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-unf_ext-debugsource@0.0.7.6-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"product": {
"name": "rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"product_id": "rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-unf_ext-debuginfo@0.0.7.6-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"product_id": "rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-byebug@11.0.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"product_id": "rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-byebug-debugsource@11.0.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"product_id": "rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-byebug-debuginfo@11.0.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"product": {
"name": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"product_id": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ovirt-engine-sdk4@4.3.2-1.el8ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"product": {
"name": "python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"product_id": "python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ovirt-engine-sdk4-debugsource@4.3.2-1.el8ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"product": {
"name": "python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"product_id": "python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ovirt-engine-sdk4-debuginfo@4.3.2-1.el8ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"product": {
"name": "rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"product_id": "rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rugged@0.28.2-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"product": {
"name": "rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"product_id": "rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rugged-debugsource@0.28.2-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"product": {
"name": "rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"product_id": "rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rugged-debuginfo@0.28.2-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"product_id": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4@4.3.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"product_id": "rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4-debugsource@4.3.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"product_id": "rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4-debuginfo@4.3.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"product": {
"name": "ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"product_id": "ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-tower-venv-ansible@3.5.2-1.el8at?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"product": {
"name": "cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"product_id": "cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-gemset@5.11.0.28-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"product": {
"name": "cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"product_id": "cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-appliance@5.11.0.28-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"product": {
"name": "cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"product_id": "cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-appliance-common@5.11.0.28-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"product": {
"name": "cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"product_id": "cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-appliance-tools@5.11.0.28-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-0:5.11.0.28-1.el8cf.x86_64",
"product": {
"name": "cfme-0:5.11.0.28-1.el8cf.x86_64",
"product_id": "cfme-0:5.11.0.28-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme@5.11.0.28-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"product": {
"name": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"product_id": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-amazon-smartstate@5.11.0.28-1.el8cf?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-runner-0:1.3.4-2.el8ar.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.noarch"
},
"product_reference": "ansible-runner-0:1.3.4-2.el8ar.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-runner-0:1.3.4-2.el8ar.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.src"
},
"product_reference": "ansible-runner-0:1.3.4-2.el8ar.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64"
},
"product_reference": "ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-0:5.11.0.28-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.src"
},
"product_reference": "cfme-0:5.11.0.28-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-0:5.11.0.28-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.x86_64"
},
"product_reference": "cfme-0:5.11.0.28-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src"
},
"product_reference": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64"
},
"product_reference": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-appliance-0:5.11.0.28-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.src"
},
"product_reference": "cfme-appliance-0:5.11.0.28-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-appliance-0:5.11.0.28-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.x86_64"
},
"product_reference": "cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64"
},
"product_reference": "cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64"
},
"product_reference": "cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-gemset-0:5.11.0.28-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.src"
},
"product_reference": "cfme-gemset-0:5.11.0.28-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-gemset-0:5.11.0.28-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.x86_64"
},
"product_reference": "cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src"
},
"product_reference": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src"
},
"product_reference": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src"
},
"product_reference": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src"
},
"product_reference": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.src"
},
"product_reference": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-infra-0:1.1.12-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.src"
},
"product_reference": "ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src"
},
"product_reference": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.src"
},
"product_reference": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch"
},
"product_reference": "ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-roles-0:1.1.7-2.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.src"
},
"product_reference": "ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src"
},
"product_reference": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src"
},
"product_reference": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prince-0:12.4-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:prince-0:12.4-1.el8cf.src"
},
"product_reference": "prince-0:12.4-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prince-0:12.4-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:prince-0:12.4-1.el8cf.x86_64"
},
"product_reference": "prince-0:12.4-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-bambou-0:3.0.1-2.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-bambou-0:3.0.1-2.el8cf.src"
},
"product_reference": "python-bambou-0:3.0.1-2.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-colorama-0:0.4.1-1.el8ost.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-colorama-0:0.4.1-1.el8ost.src"
},
"product_reference": "python-colorama-0:0.4.1-1.el8ost.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-daemon-0:2.1.2-9.el8ar.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-daemon-0:2.1.2-9.el8ar.src"
},
"product_reference": "python-daemon-0:2.1.2-9.el8ar.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-funcsigs-0:1.0.2-3.el8ost.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-funcsigs-0:1.0.2-3.el8ost.src"
},
"product_reference": "python-funcsigs-0:1.0.2-3.el8ost.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-future-0:0.16.0-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-future-0:0.16.0-1.el8cf.src"
},
"product_reference": "python-future-0:0.16.0-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-lockfile-1:0.11.0-8.el8ar.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-lockfile-1:0.11.0-8.el8ar.src"
},
"product_reference": "python-lockfile-1:0.11.0-8.el8ar.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-mock-0:2.0.0-11.el8ost.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-mock-0:2.0.0-11.el8ost.src"
},
"product_reference": "python-mock-0:2.0.0-11.el8ost.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pbr-0:5.1.2-2.el8ost.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-pbr-0:5.1.2-2.el8ost.src"
},
"product_reference": "python-pbr-0:5.1.2-2.el8ost.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pexpect-0:4.6-2.el8ar.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-pexpect-0:4.6-2.el8ar.src"
},
"product_reference": "python-pexpect-0:4.6-2.el8ar.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-psutil-0:5.4.3-5.el8ar.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-psutil-0:5.4.3-5.el8ar.src"
},
"product_reference": "python-psutil-0:5.4.3-5.el8ar.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64"
},
"product_reference": "python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pylxca-0:2.1.1-2.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-pylxca-0:2.1.1-2.el8cf.src"
},
"product_reference": "python-pylxca-0:2.1.1-2.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-requests-toolbelt-0:0.8.0-2.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-requests-toolbelt-0:0.8.0-2.el8cf.src"
},
"product_reference": "python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tabulate-0:0.8.2-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-tabulate-0:0.8.2-1.el8cf.src"
},
"product_reference": "python-tabulate-0:0.8.2-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-vspk-0:5.3.2-2.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-vspk-0:5.3.2-2.el8cf.src"
},
"product_reference": "python-vspk-0:5.3.2-2.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ansible-runner-0:1.3.4-2.el8ar.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-ansible-runner-0:1.3.4-2.el8ar.noarch"
},
"product_reference": "python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-bambou-0:3.0.1-2.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-bambou-0:3.0.1-2.el8cf.noarch"
},
"product_reference": "python3-bambou-0:3.0.1-2.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-colorama-0:0.4.1-1.el8ost.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-colorama-0:0.4.1-1.el8ost.noarch"
},
"product_reference": "python3-colorama-0:0.4.1-1.el8ost.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-daemon-0:2.1.2-9.el8ar.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-daemon-0:2.1.2-9.el8ar.noarch"
},
"product_reference": "python3-daemon-0:2.1.2-9.el8ar.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-funcsigs-0:1.0.2-3.el8ost.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-funcsigs-0:1.0.2-3.el8ost.noarch"
},
"product_reference": "python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-future-0:0.16.0-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-future-0:0.16.0-1.el8cf.noarch"
},
"product_reference": "python3-future-0:0.16.0-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-lockfile-1:0.11.0-8.el8ar.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-lockfile-1:0.11.0-8.el8ar.noarch"
},
"product_reference": "python3-lockfile-1:0.11.0-8.el8ar.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-mock-0:2.0.0-11.el8ost.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-mock-0:2.0.0-11.el8ost.noarch"
},
"product_reference": "python3-mock-0:2.0.0-11.el8ost.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src"
},
"product_reference": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64"
},
"product_reference": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64"
},
"product_reference": "python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64"
},
"product_reference": "python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pbr-0:5.1.2-2.el8ost.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-pbr-0:5.1.2-2.el8ost.noarch"
},
"product_reference": "python3-pbr-0:5.1.2-2.el8ost.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pexpect-0:4.6-2.el8ar.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-pexpect-0:4.6-2.el8ar.noarch"
},
"product_reference": "python3-pexpect-0:4.6-2.el8ar.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-psutil-0:5.4.3-5.el8ar.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-psutil-0:5.4.3-5.el8ar.x86_64"
},
"product_reference": "python3-psutil-0:5.4.3-5.el8ar.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64"
},
"product_reference": "python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pylxca-0:2.1.1-2.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-pylxca-0:2.1.1-2.el8cf.noarch"
},
"product_reference": "python3-pylxca-0:2.1.1-2.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64"
},
"product_reference": "python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch"
},
"product_reference": "python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tabulate-0:0.8.2-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-tabulate-0:0.8.2-1.el8cf.noarch"
},
"product_reference": "python3-tabulate-0:0.8.2-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-vspk-0:5.3.2-2.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-vspk-0:5.3.2-2.el8cf.noarch"
},
"product_reference": "python3-vspk-0:5.3.2-2.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-0:0.28.0-1.el8.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:qpid-proton-0:0.28.0-1.el8.src"
},
"product_reference": "qpid-proton-0:0.28.0-1.el8.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-0:0.28.0-1.el8.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:qpid-proton-c-0:0.28.0-1.el8.x86_64"
},
"product_reference": "qpid-proton-c-0:0.28.0-1.el8.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64"
},
"product_reference": "qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-devel-0:0.28.0-1.el8.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:qpid-proton-c-devel-0:0.28.0-1.el8.x86_64"
},
"product_reference": "qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-docs-0:0.28.0-1.el8.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:qpid-proton-c-docs-0:0.28.0-1.el8.noarch"
},
"product_reference": "qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64"
},
"product_reference": "qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64"
},
"product_reference": "qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-debugsource-0:0.28.0-1.el8.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:qpid-proton-debugsource-0:0.28.0-1.el8.x86_64"
},
"product_reference": "qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "repmgr10-0:4.0.6-3.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.src"
},
"product_reference": "repmgr10-0:4.0.6-3.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "repmgr10-0:4.0.6-3.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.x86_64"
},
"product_reference": "repmgr10-0:4.0.6-3.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64"
},
"product_reference": "repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64"
},
"product_reference": "repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-bcrypt-0:3.1.13-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.src"
},
"product_reference": "rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64"
},
"product_reference": "rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64"
},
"product_reference": "rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64"
},
"product_reference": "rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch"
},
"product_reference": "rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-byebug-0:11.0.1-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.src"
},
"product_reference": "rubygem-byebug-0:11.0.1-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-byebug-0:11.0.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch"
},
"product_reference": "rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-escape_utils-0:1.2.1-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.src"
},
"product_reference": "rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch"
},
"product_reference": "rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ffi-0:1.9.25-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.src"
},
"product_reference": "rubygem-ffi-0:1.9.25-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ffi-0:1.9.25-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.x86_64"
},
"product_reference": "rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64"
},
"product_reference": "rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64"
},
"product_reference": "rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch"
},
"product_reference": "rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-hamlit-0:2.8.10-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.src"
},
"product_reference": "rubygem-hamlit-0:2.8.10-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-hamlit-0:2.8.10-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.x86_64"
},
"product_reference": "rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64"
},
"product_reference": "rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64"
},
"product_reference": "rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch"
},
"product_reference": "rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.src"
},
"product_reference": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch"
},
"product_reference": "rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-linux_block_device-0:0.2.1-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.src"
},
"product_reference": "rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch"
},
"product_reference": "rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-memory_buffer-0:0.1.0-2.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.src"
},
"product_reference": "rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64"
},
"product_reference": "rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64"
},
"product_reference": "rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64"
},
"product_reference": "rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch"
},
"product_reference": "rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nio4r-0:2.4.0-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.src"
},
"product_reference": "rubygem-nio4r-0:2.4.0-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nio4r-0:2.4.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch"
},
"product_reference": "rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nokogiri-0:1.8.5-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.src"
},
"product_reference": "rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src"
},
"product_reference": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch"
},
"product_reference": "rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-puma-0:3.7.1-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.src"
},
"product_reference": "rubygem-puma-0:3.7.1-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-puma-0:3.7.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-puma-doc-0:3.7.1-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-puma-doc-0:3.7.1-1.el8cf.noarch"
},
"product_reference": "rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-qpid_proton-0:0.26.0-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.src"
},
"product_reference": "rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch"
},
"product_reference": "rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rugged-0:0.28.2-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.src"
},
"product_reference": "rubygem-rugged-0:0.28.2-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rugged-0:0.28.2-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.x86_64"
},
"product_reference": "rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64"
},
"product_reference": "rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64"
},
"product_reference": "rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch"
},
"product_reference": "rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sassc-0:2.0.1-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.src"
},
"product_reference": "rubygem-sassc-0:2.0.1-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sassc-0:2.0.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch"
},
"product_reference": "rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sqlite3-0:1.3.13-2.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.src"
},
"product_reference": "rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64"
},
"product_reference": "rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64"
},
"product_reference": "rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64"
},
"product_reference": "rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch"
},
"product_reference": "rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-surro-gate-0:1.0.5-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.src"
},
"product_reference": "rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch"
},
"product_reference": "rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.src"
},
"product_reference": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64"
},
"product_reference": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64"
},
"product_reference": "rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64"
},
"product_reference": "rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch"
},
"product_reference": "rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-websocket-driver-0:0.6.5-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.src"
},
"product_reference": "rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch"
},
"product_reference": "rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "smem-0:1.4-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:smem-0:1.4-1.el8cf.noarch"
},
"product_reference": "smem-0:1.4-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "smem-0:1.4-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:smem-0:1.4-1.el8cf.src"
},
"product_reference": "smem-0:1.4-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v2v-conversion-host-0:1.14.2-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:v2v-conversion-host-0:1.14.2-1.el8ev.src"
},
"product_reference": "v2v-conversion-host-0:1.14.2-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch"
},
"product_reference": "v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wmi-0:1.3.14-8.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.src"
},
"product_reference": "wmi-0:1.3.14-8.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wmi-0:1.3.14-8.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.x86_64"
},
"product_reference": "wmi-0:1.3.14-8.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wmi-debuginfo-0:1.3.14-8.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:wmi-debuginfo-0:1.3.14-8.el8cf.x86_64"
},
"product_reference": "wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wmi-debugsource-0:1.3.14-8.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:wmi-debugsource-0:1.3.14-8.el8cf.x86_64"
},
"product_reference": "wmi-debugsource-0:1.3.14-8.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.src",
"8Base-CFME-5.11:ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.x86_64",
"8Base-CFME-5.11:python-bambou-0:3.0.1-2.el8cf.src",
"8Base-CFME-5.11:python-colorama-0:0.4.1-1.el8ost.src",
"8Base-CFME-5.11:python-daemon-0:2.1.2-9.el8ar.src",
"8Base-CFME-5.11:python-funcsigs-0:1.0.2-3.el8ost.src",
"8Base-CFME-5.11:python-future-0:0.16.0-1.el8cf.src",
"8Base-CFME-5.11:python-lockfile-1:0.11.0-8.el8ar.src",
"8Base-CFME-5.11:python-mock-0:2.0.0-11.el8ost.src",
"8Base-CFME-5.11:python-pbr-0:5.1.2-2.el8ost.src",
"8Base-CFME-5.11:python-pexpect-0:4.6-2.el8ar.src",
"8Base-CFME-5.11:python-psutil-0:5.4.3-5.el8ar.src",
"8Base-CFME-5.11:python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python-pylxca-0:2.1.1-2.el8cf.src",
"8Base-CFME-5.11:python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"8Base-CFME-5.11:python-tabulate-0:0.8.2-1.el8cf.src",
"8Base-CFME-5.11:python-vspk-0:5.3.2-2.el8cf.src",
"8Base-CFME-5.11:python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:python3-bambou-0:3.0.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-colorama-0:0.4.1-1.el8ost.noarch",
"8Base-CFME-5.11:python3-daemon-0:2.1.2-9.el8ar.noarch",
"8Base-CFME-5.11:python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"8Base-CFME-5.11:python3-future-0:0.16.0-1.el8cf.noarch",
"8Base-CFME-5.11:python3-lockfile-1:0.11.0-8.el8ar.noarch",
"8Base-CFME-5.11:python3-mock-0:2.0.0-11.el8ost.noarch",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-pbr-0:5.1.2-2.el8ost.noarch",
"8Base-CFME-5.11:python3-pexpect-0:4.6-2.el8ar.noarch",
"8Base-CFME-5.11:python3-psutil-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-pylxca-0:2.1.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"8Base-CFME-5.11:python3-tabulate-0:0.8.2-1.el8cf.noarch",
"8Base-CFME-5.11:python3-vspk-0:5.3.2-2.el8cf.noarch",
"8Base-CFME-5.11:qpid-proton-0:0.28.0-1.el8.src",
"8Base-CFME-5.11:qpid-proton-c-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"8Base-CFME-5.11:qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.src",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.src",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.src",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.src",
"8Base-CFME-5.11:v2v-conversion-host-0:1.14.2-1.el8ev.src",
"8Base-CFME-5.11:v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.src",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debugsource-0:1.3.14-8.el8cf.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-12-12T13:34:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nIf the postgresql service is running, it will be automatically restarted after installing this update. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.src",
"8Base-CFME-5.11:ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.x86_64",
"8Base-CFME-5.11:python-bambou-0:3.0.1-2.el8cf.src",
"8Base-CFME-5.11:python-colorama-0:0.4.1-1.el8ost.src",
"8Base-CFME-5.11:python-daemon-0:2.1.2-9.el8ar.src",
"8Base-CFME-5.11:python-funcsigs-0:1.0.2-3.el8ost.src",
"8Base-CFME-5.11:python-future-0:0.16.0-1.el8cf.src",
"8Base-CFME-5.11:python-lockfile-1:0.11.0-8.el8ar.src",
"8Base-CFME-5.11:python-mock-0:2.0.0-11.el8ost.src",
"8Base-CFME-5.11:python-pbr-0:5.1.2-2.el8ost.src",
"8Base-CFME-5.11:python-pexpect-0:4.6-2.el8ar.src",
"8Base-CFME-5.11:python-psutil-0:5.4.3-5.el8ar.src",
"8Base-CFME-5.11:python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python-pylxca-0:2.1.1-2.el8cf.src",
"8Base-CFME-5.11:python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"8Base-CFME-5.11:python-tabulate-0:0.8.2-1.el8cf.src",
"8Base-CFME-5.11:python-vspk-0:5.3.2-2.el8cf.src",
"8Base-CFME-5.11:python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:python3-bambou-0:3.0.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-colorama-0:0.4.1-1.el8ost.noarch",
"8Base-CFME-5.11:python3-daemon-0:2.1.2-9.el8ar.noarch",
"8Base-CFME-5.11:python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"8Base-CFME-5.11:python3-future-0:0.16.0-1.el8cf.noarch",
"8Base-CFME-5.11:python3-lockfile-1:0.11.0-8.el8ar.noarch",
"8Base-CFME-5.11:python3-mock-0:2.0.0-11.el8ost.noarch",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-pbr-0:5.1.2-2.el8ost.noarch",
"8Base-CFME-5.11:python3-pexpect-0:4.6-2.el8ar.noarch",
"8Base-CFME-5.11:python3-psutil-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-pylxca-0:2.1.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"8Base-CFME-5.11:python3-tabulate-0:0.8.2-1.el8cf.noarch",
"8Base-CFME-5.11:python3-vspk-0:5.3.2-2.el8cf.noarch",
"8Base-CFME-5.11:qpid-proton-0:0.28.0-1.el8.src",
"8Base-CFME-5.11:qpid-proton-c-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"8Base-CFME-5.11:qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.src",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.src",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.src",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.src",
"8Base-CFME-5.11:v2v-conversion-host-0:1.14.2-1.el8ev.src",
"8Base-CFME-5.11:v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.src",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debugsource-0:1.3.14-8.el8cf.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:4199"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.src",
"8Base-CFME-5.11:ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.x86_64",
"8Base-CFME-5.11:python-bambou-0:3.0.1-2.el8cf.src",
"8Base-CFME-5.11:python-colorama-0:0.4.1-1.el8ost.src",
"8Base-CFME-5.11:python-daemon-0:2.1.2-9.el8ar.src",
"8Base-CFME-5.11:python-funcsigs-0:1.0.2-3.el8ost.src",
"8Base-CFME-5.11:python-future-0:0.16.0-1.el8cf.src",
"8Base-CFME-5.11:python-lockfile-1:0.11.0-8.el8ar.src",
"8Base-CFME-5.11:python-mock-0:2.0.0-11.el8ost.src",
"8Base-CFME-5.11:python-pbr-0:5.1.2-2.el8ost.src",
"8Base-CFME-5.11:python-pexpect-0:4.6-2.el8ar.src",
"8Base-CFME-5.11:python-psutil-0:5.4.3-5.el8ar.src",
"8Base-CFME-5.11:python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python-pylxca-0:2.1.1-2.el8cf.src",
"8Base-CFME-5.11:python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"8Base-CFME-5.11:python-tabulate-0:0.8.2-1.el8cf.src",
"8Base-CFME-5.11:python-vspk-0:5.3.2-2.el8cf.src",
"8Base-CFME-5.11:python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:python3-bambou-0:3.0.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-colorama-0:0.4.1-1.el8ost.noarch",
"8Base-CFME-5.11:python3-daemon-0:2.1.2-9.el8ar.noarch",
"8Base-CFME-5.11:python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"8Base-CFME-5.11:python3-future-0:0.16.0-1.el8cf.noarch",
"8Base-CFME-5.11:python3-lockfile-1:0.11.0-8.el8ar.noarch",
"8Base-CFME-5.11:python3-mock-0:2.0.0-11.el8ost.noarch",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-pbr-0:5.1.2-2.el8ost.noarch",
"8Base-CFME-5.11:python3-pexpect-0:4.6-2.el8ar.noarch",
"8Base-CFME-5.11:python3-psutil-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-pylxca-0:2.1.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"8Base-CFME-5.11:python3-tabulate-0:0.8.2-1.el8cf.noarch",
"8Base-CFME-5.11:python3-vspk-0:5.3.2-2.el8cf.noarch",
"8Base-CFME-5.11:qpid-proton-0:0.28.0-1.el8.src",
"8Base-CFME-5.11:qpid-proton-c-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"8Base-CFME-5.11:qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.src",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.src",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.src",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.src",
"8Base-CFME-5.11:v2v-conversion-host-0:1.14.2-1.el8ev.src",
"8Base-CFME-5.11:v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.src",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debugsource-0:1.3.14-8.el8cf.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2019-0223",
"cwe": {
"id": "CWE-300",
"name": "Channel Accessible by Non-Endpoint"
},
"discovery_date": "2019-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1702439"
}
],
"notes": [
{
"category": "description",
"text": "A cryptographic weakness was discovered in qpid-proton\u0027s use of TLS. If the qpid-proton client was used without client certificates, it would accept an anonymous cipher offered by the server. A man-in-the-middle attacker could use this to silently intercept traffic that should have been encrypted.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "qpid-proton: TLS Man in the Middle Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform 14 (and its Operational Tools) is impacted by this flaw; other supported versions are not vulnerable.\n\nRed Hat Virtualization 4 uses qpid-proton for katello-agent, which always uses client certificate authentication.\n\nRed Hat Update Infrastructure 3 is impacted by this flaw, however in its default configuration client certificate authentication is used and qpidd service, which uses qpid-proton, cannot be reach from other machines.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.src",
"8Base-CFME-5.11:ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.x86_64",
"8Base-CFME-5.11:python-bambou-0:3.0.1-2.el8cf.src",
"8Base-CFME-5.11:python-colorama-0:0.4.1-1.el8ost.src",
"8Base-CFME-5.11:python-daemon-0:2.1.2-9.el8ar.src",
"8Base-CFME-5.11:python-funcsigs-0:1.0.2-3.el8ost.src",
"8Base-CFME-5.11:python-future-0:0.16.0-1.el8cf.src",
"8Base-CFME-5.11:python-lockfile-1:0.11.0-8.el8ar.src",
"8Base-CFME-5.11:python-mock-0:2.0.0-11.el8ost.src",
"8Base-CFME-5.11:python-pbr-0:5.1.2-2.el8ost.src",
"8Base-CFME-5.11:python-pexpect-0:4.6-2.el8ar.src",
"8Base-CFME-5.11:python-psutil-0:5.4.3-5.el8ar.src",
"8Base-CFME-5.11:python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python-pylxca-0:2.1.1-2.el8cf.src",
"8Base-CFME-5.11:python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"8Base-CFME-5.11:python-tabulate-0:0.8.2-1.el8cf.src",
"8Base-CFME-5.11:python-vspk-0:5.3.2-2.el8cf.src",
"8Base-CFME-5.11:python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:python3-bambou-0:3.0.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-colorama-0:0.4.1-1.el8ost.noarch",
"8Base-CFME-5.11:python3-daemon-0:2.1.2-9.el8ar.noarch",
"8Base-CFME-5.11:python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"8Base-CFME-5.11:python3-future-0:0.16.0-1.el8cf.noarch",
"8Base-CFME-5.11:python3-lockfile-1:0.11.0-8.el8ar.noarch",
"8Base-CFME-5.11:python3-mock-0:2.0.0-11.el8ost.noarch",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-pbr-0:5.1.2-2.el8ost.noarch",
"8Base-CFME-5.11:python3-pexpect-0:4.6-2.el8ar.noarch",
"8Base-CFME-5.11:python3-psutil-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-pylxca-0:2.1.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"8Base-CFME-5.11:python3-tabulate-0:0.8.2-1.el8cf.noarch",
"8Base-CFME-5.11:python3-vspk-0:5.3.2-2.el8cf.noarch",
"8Base-CFME-5.11:qpid-proton-0:0.28.0-1.el8.src",
"8Base-CFME-5.11:qpid-proton-c-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"8Base-CFME-5.11:qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.src",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.src",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.src",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.src",
"8Base-CFME-5.11:v2v-conversion-host-0:1.14.2-1.el8ev.src",
"8Base-CFME-5.11:v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.src",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debugsource-0:1.3.14-8.el8cf.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-0223"
},
{
"category": "external",
"summary": "RHBZ#1702439",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1702439"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-0223",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0223"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0223",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0223"
},
{
"category": "external",
"summary": "https://qpid.apache.org/cves/CVE-2019-0223.html",
"url": "https://qpid.apache.org/cves/CVE-2019-0223.html"
}
],
"release_date": "2019-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-12-12T13:34:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nIf the postgresql service is running, it will be automatically restarted after installing this update. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.src",
"8Base-CFME-5.11:ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.x86_64",
"8Base-CFME-5.11:python-bambou-0:3.0.1-2.el8cf.src",
"8Base-CFME-5.11:python-colorama-0:0.4.1-1.el8ost.src",
"8Base-CFME-5.11:python-daemon-0:2.1.2-9.el8ar.src",
"8Base-CFME-5.11:python-funcsigs-0:1.0.2-3.el8ost.src",
"8Base-CFME-5.11:python-future-0:0.16.0-1.el8cf.src",
"8Base-CFME-5.11:python-lockfile-1:0.11.0-8.el8ar.src",
"8Base-CFME-5.11:python-mock-0:2.0.0-11.el8ost.src",
"8Base-CFME-5.11:python-pbr-0:5.1.2-2.el8ost.src",
"8Base-CFME-5.11:python-pexpect-0:4.6-2.el8ar.src",
"8Base-CFME-5.11:python-psutil-0:5.4.3-5.el8ar.src",
"8Base-CFME-5.11:python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python-pylxca-0:2.1.1-2.el8cf.src",
"8Base-CFME-5.11:python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"8Base-CFME-5.11:python-tabulate-0:0.8.2-1.el8cf.src",
"8Base-CFME-5.11:python-vspk-0:5.3.2-2.el8cf.src",
"8Base-CFME-5.11:python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:python3-bambou-0:3.0.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-colorama-0:0.4.1-1.el8ost.noarch",
"8Base-CFME-5.11:python3-daemon-0:2.1.2-9.el8ar.noarch",
"8Base-CFME-5.11:python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"8Base-CFME-5.11:python3-future-0:0.16.0-1.el8cf.noarch",
"8Base-CFME-5.11:python3-lockfile-1:0.11.0-8.el8ar.noarch",
"8Base-CFME-5.11:python3-mock-0:2.0.0-11.el8ost.noarch",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-pbr-0:5.1.2-2.el8ost.noarch",
"8Base-CFME-5.11:python3-pexpect-0:4.6-2.el8ar.noarch",
"8Base-CFME-5.11:python3-psutil-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-pylxca-0:2.1.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"8Base-CFME-5.11:python3-tabulate-0:0.8.2-1.el8cf.noarch",
"8Base-CFME-5.11:python3-vspk-0:5.3.2-2.el8cf.noarch",
"8Base-CFME-5.11:qpid-proton-0:0.28.0-1.el8.src",
"8Base-CFME-5.11:qpid-proton-c-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"8Base-CFME-5.11:qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.src",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.src",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.src",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.src",
"8Base-CFME-5.11:v2v-conversion-host-0:1.14.2-1.el8ev.src",
"8Base-CFME-5.11:v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.src",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debugsource-0:1.3.14-8.el8cf.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:4199"
},
{
"category": "workaround",
"details": "This attack will not work if client-certificate authentication is in place because anonymous ciphers would not then be available.\nAnother possible mitigation is to disable anonymous ciphers on clients.",
"product_ids": [
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.src",
"8Base-CFME-5.11:ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.x86_64",
"8Base-CFME-5.11:python-bambou-0:3.0.1-2.el8cf.src",
"8Base-CFME-5.11:python-colorama-0:0.4.1-1.el8ost.src",
"8Base-CFME-5.11:python-daemon-0:2.1.2-9.el8ar.src",
"8Base-CFME-5.11:python-funcsigs-0:1.0.2-3.el8ost.src",
"8Base-CFME-5.11:python-future-0:0.16.0-1.el8cf.src",
"8Base-CFME-5.11:python-lockfile-1:0.11.0-8.el8ar.src",
"8Base-CFME-5.11:python-mock-0:2.0.0-11.el8ost.src",
"8Base-CFME-5.11:python-pbr-0:5.1.2-2.el8ost.src",
"8Base-CFME-5.11:python-pexpect-0:4.6-2.el8ar.src",
"8Base-CFME-5.11:python-psutil-0:5.4.3-5.el8ar.src",
"8Base-CFME-5.11:python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python-pylxca-0:2.1.1-2.el8cf.src",
"8Base-CFME-5.11:python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"8Base-CFME-5.11:python-tabulate-0:0.8.2-1.el8cf.src",
"8Base-CFME-5.11:python-vspk-0:5.3.2-2.el8cf.src",
"8Base-CFME-5.11:python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:python3-bambou-0:3.0.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-colorama-0:0.4.1-1.el8ost.noarch",
"8Base-CFME-5.11:python3-daemon-0:2.1.2-9.el8ar.noarch",
"8Base-CFME-5.11:python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"8Base-CFME-5.11:python3-future-0:0.16.0-1.el8cf.noarch",
"8Base-CFME-5.11:python3-lockfile-1:0.11.0-8.el8ar.noarch",
"8Base-CFME-5.11:python3-mock-0:2.0.0-11.el8ost.noarch",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-pbr-0:5.1.2-2.el8ost.noarch",
"8Base-CFME-5.11:python3-pexpect-0:4.6-2.el8ar.noarch",
"8Base-CFME-5.11:python3-psutil-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-pylxca-0:2.1.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"8Base-CFME-5.11:python3-tabulate-0:0.8.2-1.el8cf.noarch",
"8Base-CFME-5.11:python3-vspk-0:5.3.2-2.el8cf.noarch",
"8Base-CFME-5.11:qpid-proton-0:0.28.0-1.el8.src",
"8Base-CFME-5.11:qpid-proton-c-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"8Base-CFME-5.11:qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.src",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.src",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.src",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.src",
"8Base-CFME-5.11:v2v-conversion-host-0:1.14.2-1.el8ev.src",
"8Base-CFME-5.11:v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.src",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debugsource-0:1.3.14-8.el8cf.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.src",
"8Base-CFME-5.11:ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.x86_64",
"8Base-CFME-5.11:python-bambou-0:3.0.1-2.el8cf.src",
"8Base-CFME-5.11:python-colorama-0:0.4.1-1.el8ost.src",
"8Base-CFME-5.11:python-daemon-0:2.1.2-9.el8ar.src",
"8Base-CFME-5.11:python-funcsigs-0:1.0.2-3.el8ost.src",
"8Base-CFME-5.11:python-future-0:0.16.0-1.el8cf.src",
"8Base-CFME-5.11:python-lockfile-1:0.11.0-8.el8ar.src",
"8Base-CFME-5.11:python-mock-0:2.0.0-11.el8ost.src",
"8Base-CFME-5.11:python-pbr-0:5.1.2-2.el8ost.src",
"8Base-CFME-5.11:python-pexpect-0:4.6-2.el8ar.src",
"8Base-CFME-5.11:python-psutil-0:5.4.3-5.el8ar.src",
"8Base-CFME-5.11:python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python-pylxca-0:2.1.1-2.el8cf.src",
"8Base-CFME-5.11:python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"8Base-CFME-5.11:python-tabulate-0:0.8.2-1.el8cf.src",
"8Base-CFME-5.11:python-vspk-0:5.3.2-2.el8cf.src",
"8Base-CFME-5.11:python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:python3-bambou-0:3.0.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-colorama-0:0.4.1-1.el8ost.noarch",
"8Base-CFME-5.11:python3-daemon-0:2.1.2-9.el8ar.noarch",
"8Base-CFME-5.11:python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"8Base-CFME-5.11:python3-future-0:0.16.0-1.el8cf.noarch",
"8Base-CFME-5.11:python3-lockfile-1:0.11.0-8.el8ar.noarch",
"8Base-CFME-5.11:python3-mock-0:2.0.0-11.el8ost.noarch",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-pbr-0:5.1.2-2.el8ost.noarch",
"8Base-CFME-5.11:python3-pexpect-0:4.6-2.el8ar.noarch",
"8Base-CFME-5.11:python3-psutil-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-pylxca-0:2.1.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"8Base-CFME-5.11:python3-tabulate-0:0.8.2-1.el8cf.noarch",
"8Base-CFME-5.11:python3-vspk-0:5.3.2-2.el8cf.noarch",
"8Base-CFME-5.11:qpid-proton-0:0.28.0-1.el8.src",
"8Base-CFME-5.11:qpid-proton-c-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"8Base-CFME-5.11:qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.src",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.src",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.src",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.src",
"8Base-CFME-5.11:v2v-conversion-host-0:1.14.2-1.el8ev.src",
"8Base-CFME-5.11:v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.src",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debugsource-0:1.3.14-8.el8cf.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "qpid-proton: TLS Man in the Middle Vulnerability"
}
]
}
rhsa-2019:3023
Vulnerability from csaf_redhat
Published
2019-10-10 15:38
Modified
2025-10-10 01:34
Summary
Red Hat Security Advisory: ovirt-engine-ui-extensions security and bug fix update
Notes
Topic
An update for ovirt-engine-ui-extensions is now available for Red Hat Virtualization Engine 4.3.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The ovirt-engine-ui-extensions package contains UI plugins that provide various extensions to the oVirt administration UI.
Security Fix(es):
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Known moderate severity security vulnerability detected by GitHub on ovirt-engine-ui-extensions components (BZ#1694035)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ovirt-engine-ui-extensions is now available for Red Hat Virtualization Engine 4.3.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The ovirt-engine-ui-extensions package contains UI plugins that provide various extensions to the oVirt administration UI.\n\nSecurity Fix(es):\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* js-jquery: prototype pollution in object\u0027s prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Known moderate severity security vulnerability detected by GitHub on ovirt-engine-ui-extensions components (BZ#1694035)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:3023",
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1752576",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1752576"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3023.json"
}
],
"title": "Red Hat Security Advisory: ovirt-engine-ui-extensions security and bug fix update",
"tracking": {
"current_release_date": "2025-10-10T01:34:05+00:00",
"generator": {
"date": "2025-10-10T01:34:05+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2019:3023",
"initial_release_date": "2019-10-10T15:38:32+00:00",
"revision_history": [
{
"date": "2019-10-10T15:38:32+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-10-10T15:38:32+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-10T01:34:05+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHV-M 4.3",
"product": {
"name": "RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhev_manager:4.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"product": {
"name": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"product_id": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.0.10-1.el7ev?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src",
"product": {
"name": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src",
"product_id": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.0.10-1.el7ev?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch as a component of RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch"
},
"product_reference": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHV-S-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src as a component of RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
},
"product_reference": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src",
"relates_to_product_reference": "7Server-RHV-S-4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-10T15:38:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-10T15:38:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-10T15:38:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-10T15:38:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-10T15:38:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
}
]
}
rhsa-2019_1456
Vulnerability from csaf_redhat
Published
2019-06-11 15:32
Modified
2024-12-08 11:13
Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.3.2 security update
Notes
Topic
A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.3.2 serves as a replacement for Red Hat Single Sign-On 7.3.1, and includes bug fixes and enhancements, which are documented in the Release Notes document.
Security Fix(es):
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)
* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)
* picketlink: reflected XSS in SAMLRequest via RelayState parameter (CVE-2019-3872)
* picketlink: URL injection via xinclude parameter (CVE-2019-3873)
* keycloak: X.509 authentication: CRL signatures are not verified (CVE-2019-3875)
* undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed (CVE-2019-3888)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* keycloak: Node.js adapter internal NBF can be manipulated (CVE-2019-10157)
* js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.2 serves as a replacement for Red Hat Single Sign-On 7.3.1, and includes bug fixes and enhancements, which are documented in the Release Notes document.\n\nSecurity Fix(es):\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)\n\n* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)\n\n* picketlink: reflected XSS in SAMLRequest via RelayState parameter (CVE-2019-3872)\n\n* picketlink: URL injection via xinclude parameter (CVE-2019-3873)\n\n* keycloak: X.509 authentication: CRL signatures are not verified (CVE-2019-3875)\n\n* undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed (CVE-2019-3888)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* keycloak: Node.js adapter internal NBF can be manipulated (CVE-2019-10157)\n\n* js-jquery: prototype pollution in object\u0027s prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:1456",
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso\u0026downloadType=securityPatches\u0026version=7.3",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso\u0026downloadType=securityPatches\u0026version=7.3"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/"
},
{
"category": "external",
"summary": "1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1688966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1688966"
},
{
"category": "external",
"summary": "1689014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1689014"
},
{
"category": "external",
"summary": "1690628",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690628"
},
{
"category": "external",
"summary": "1693777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1693777"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1702953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1702953"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_1456.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.3.2 security update",
"tracking": {
"current_release_date": "2024-12-08T11:13:01+00:00",
"generator": {
"date": "2024-12-08T11:13:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2019:1456",
"initial_release_date": "2019-06-11T15:32:12+00:00",
"revision_history": [
{
"date": "2019-06-11T15:32:12+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-06-11T15:32:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-08T11:13:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Single Sign-On 7.3.2 zip",
"product": {
"name": "Red Hat Single Sign-On 7.3.2 zip",
"product_id": "Red Hat Single Sign-On 7.3.2 zip",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_single_sign_on:7.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Single Sign-On"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-14041",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14041"
},
{
"category": "external",
"summary": "RHBZ#1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-3872",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1688966"
}
],
"notes": [
{
"category": "description",
"text": "It was found that a SAMLRequest containing a script could be processed by Picketlink versions shipped in Jboss Application Platform 7.2.x and 7.1.x. An attacker could use this to send a malicious script to achieve cross-site scripting and obtain unauthorized information or conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "picketlink: reflected XSS in SAMLRequest via RelayState parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3872"
},
{
"category": "external",
"summary": "RHBZ#1688966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1688966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3872",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3872"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3872",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3872"
}
],
"release_date": "2019-06-10T15:16:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "picketlink: reflected XSS in SAMLRequest via RelayState parameter"
},
{
"cve": "CVE-2019-3873",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1689014"
}
],
"notes": [
{
"category": "description",
"text": "It was found that Picketlink as shipped with Jboss Enterprise Application Platform 7.2 would accept an xinclude parameter in SAMLresponse XML. An attacker could use this flaw to send a URL to achieve cross-site scripting or possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "picketlink: URL injection via xinclude parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3873"
},
{
"category": "external",
"summary": "RHBZ#1689014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1689014"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3873",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3873"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3873",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3873"
}
],
"release_date": "2019-06-10T15:16:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "picketlink: URL injection via xinclude parameter"
},
{
"acknowledgments": [
{
"names": [
"Marek Posolda"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-3875",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2019-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1690628"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in keycloak before 6.0.2. The X.509 authenticator supports the verification of client certificates through the CRL, where the CRL list can be obtained from the URL provided in the certificate itself (CDP) or through the separately configured path. The CRL are often available over the network through unsecured protocols (\u0027http\u0027 or \u0027ldap\u0027) and hence the caller should verify the signature and possibly the certification path. Keycloak currently doesn\u0027t validate signatures on CRL, which can result in a possibility of various attacks like man-in-the-middle.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: missing signatures validation on CRL used to verify client certificates",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3875"
},
{
"category": "external",
"summary": "RHBZ#1690628",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690628"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3875",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3875"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3875",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3875"
}
],
"release_date": "2019-06-11T14:22:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: missing signatures validation on CRL used to verify client certificates"
},
{
"acknowledgments": [
{
"names": [
"Carter Kozak"
]
}
],
"cve": "CVE-2019-3888",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"discovery_date": "2019-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1693777"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUEST_LOGGER.undertowRequestFailed(t, exchange)",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3888"
},
{
"category": "external",
"summary": "RHBZ#1693777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1693777"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3888",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3888"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3888",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3888"
}
],
"release_date": "2019-06-10T15:13:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-10157",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"discovery_date": "2019-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1702953"
}
],
"notes": [
{
"category": "description",
"text": "It was found that Keycloak\u0027s Node.js adapter did not properly verify the web token received from the server in its backchannel logout. An attacker with local access could use this to construct a malicious web token setting an NBF parameter that could prevent user access indefinitely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Node.js adapter internal NBF can be manipulated leading to DoS.",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10157"
},
{
"category": "external",
"summary": "RHBZ#1702953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1702953"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10157",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10157"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10157",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10157"
}
],
"release_date": "2019-06-11T14:23:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "keycloak: Node.js adapter internal NBF can be manipulated leading to DoS."
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
}
]
}
RHSA-2023:0552
Vulnerability from csaf_redhat
Published
2023-01-31 13:15
Modified
2025-10-13 04:53
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods (CVE-2020-11023)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* nodejs-moment: Regular expression denial of service (CVE-2017-18214)
* wildfly-elytron: possible timing attacks via use of unsafe comparator (CVE-2022-3143)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods (CVE-2020-11023)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)\n\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* nodejs-moment: Regular expression denial of service (CVE-2017-18214)\n\n* wildfly-elytron: possible timing attacks via use of unsafe comparator (CVE-2022-3143)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0552",
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "JBEAP-23864",
"url": "https://issues.redhat.com/browse/JBEAP-23864"
},
{
"category": "external",
"summary": "JBEAP-23865",
"url": "https://issues.redhat.com/browse/JBEAP-23865"
},
{
"category": "external",
"summary": "JBEAP-23866",
"url": "https://issues.redhat.com/browse/JBEAP-23866"
},
{
"category": "external",
"summary": "JBEAP-23926",
"url": "https://issues.redhat.com/browse/JBEAP-23926"
},
{
"category": "external",
"summary": "JBEAP-24055",
"url": "https://issues.redhat.com/browse/JBEAP-24055"
},
{
"category": "external",
"summary": "JBEAP-24081",
"url": "https://issues.redhat.com/browse/JBEAP-24081"
},
{
"category": "external",
"summary": "JBEAP-24095",
"url": "https://issues.redhat.com/browse/JBEAP-24095"
},
{
"category": "external",
"summary": "JBEAP-24100",
"url": "https://issues.redhat.com/browse/JBEAP-24100"
},
{
"category": "external",
"summary": "JBEAP-24127",
"url": "https://issues.redhat.com/browse/JBEAP-24127"
},
{
"category": "external",
"summary": "JBEAP-24128",
"url": "https://issues.redhat.com/browse/JBEAP-24128"
},
{
"category": "external",
"summary": "JBEAP-24132",
"url": "https://issues.redhat.com/browse/JBEAP-24132"
},
{
"category": "external",
"summary": "JBEAP-24147",
"url": "https://issues.redhat.com/browse/JBEAP-24147"
},
{
"category": "external",
"summary": "JBEAP-24167",
"url": "https://issues.redhat.com/browse/JBEAP-24167"
},
{
"category": "external",
"summary": "JBEAP-24191",
"url": "https://issues.redhat.com/browse/JBEAP-24191"
},
{
"category": "external",
"summary": "JBEAP-24195",
"url": "https://issues.redhat.com/browse/JBEAP-24195"
},
{
"category": "external",
"summary": "JBEAP-24207",
"url": "https://issues.redhat.com/browse/JBEAP-24207"
},
{
"category": "external",
"summary": "JBEAP-24248",
"url": "https://issues.redhat.com/browse/JBEAP-24248"
},
{
"category": "external",
"summary": "JBEAP-24426",
"url": "https://issues.redhat.com/browse/JBEAP-24426"
},
{
"category": "external",
"summary": "JBEAP-24427",
"url": "https://issues.redhat.com/browse/JBEAP-24427"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0552.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update",
"tracking": {
"current_release_date": "2025-10-13T04:53:26+00:00",
"generator": {
"date": "2025-10-13T04:53:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2023:0552",
"initial_release_date": "2023-01-31T13:15:22+00:00",
"revision_history": [
{
"date": "2023-01-31T13:15:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-31T13:15:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-13T04:53:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.9.3-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.12.7-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el7eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.9.3-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria-enterprise@1.0.1-3.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jgroups@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jms@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-engine@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-orm@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-serialization-avro@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.16-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-24.Final_redhat_00023.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-24.Final_redhat_00023.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.9-4.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.9-4.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.9-4.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.9-4.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2017-18214",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-03-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1553413"
}
],
"notes": [
{
"category": "description",
"text": "The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-moment: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of momentjs as shipped with Red Hat Enterprise Satellite 5. Red Hat Product Security has rated this issue as having security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.\n\nIn Quay 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-18214"
},
{
"category": "external",
"summary": "RHBZ#1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-18214",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18214"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214"
}
],
"release_date": "2017-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-moment: Regular expression denial of service"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14041",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14041"
},
{
"category": "external",
"summary": "RHBZ#1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nStatic code analysis controls ensure that security flaws, including XSS vulnerabilities, are detected early in development by scanning code for improper input handling. This prevents vulnerable code from reaching production and encourages our developers to follow secure coding practices. System monitoring controls play a crucial role in detecting and responding to XSS attacks by analyzing logs, monitoring user behavior, and generating alerts for suspicious activity. Meanwhile, AWS WAF (Web Application Firewall) adds an extra layer of defense by filtering and blocking malicious input before it reaches the platform and/or application. Together, these controls create a defense-in-depth approach, reducing the risk of XSS exploitation by preventing, detecting, and mitigating attacks at multiple levels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2022-3143",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124682"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: possible timing attacks via use of unsafe comparator",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3143"
},
{
"category": "external",
"summary": "RHBZ#2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: possible timing attacks via use of unsafe comparator"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40152"
},
{
"category": "external",
"summary": "RHBZ#2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4",
"url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "CXF: SSRF Vulnerability"
}
]
}
rhsa-2019_3023
Vulnerability from csaf_redhat
Published
2019-10-10 15:38
Modified
2024-11-13 22:09
Summary
Red Hat Security Advisory: ovirt-engine-ui-extensions security and bug fix update
Notes
Topic
An update for ovirt-engine-ui-extensions is now available for Red Hat Virtualization Engine 4.3.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The ovirt-engine-ui-extensions package contains UI plugins that provide various extensions to the oVirt administration UI.
Security Fix(es):
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Known moderate severity security vulnerability detected by GitHub on ovirt-engine-ui-extensions components (BZ#1694035)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ovirt-engine-ui-extensions is now available for Red Hat Virtualization Engine 4.3.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The ovirt-engine-ui-extensions package contains UI plugins that provide various extensions to the oVirt administration UI.\n\nSecurity Fix(es):\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* js-jquery: prototype pollution in object\u0027s prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Known moderate severity security vulnerability detected by GitHub on ovirt-engine-ui-extensions components (BZ#1694035)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:3023",
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1752576",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1752576"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3023.json"
}
],
"title": "Red Hat Security Advisory: ovirt-engine-ui-extensions security and bug fix update",
"tracking": {
"current_release_date": "2024-11-13T22:09:27+00:00",
"generator": {
"date": "2024-11-13T22:09:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHSA-2019:3023",
"initial_release_date": "2019-10-10T15:38:32+00:00",
"revision_history": [
{
"date": "2019-10-10T15:38:32+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-10-10T15:38:32+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-13T22:09:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHV-M 4.3",
"product": {
"name": "RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhev_manager:4.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"product": {
"name": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"product_id": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.0.10-1.el7ev?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src",
"product": {
"name": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src",
"product_id": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.0.10-1.el7ev?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch as a component of RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch"
},
"product_reference": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHV-S-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src as a component of RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
},
"product_reference": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src",
"relates_to_product_reference": "7Server-RHV-S-4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-10T15:38:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-10T15:38:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-10T15:38:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-10T15:38:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-10T15:38:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
}
]
}
rhsa-2020:4670
Vulnerability from csaf_redhat
Published
2020-11-04 01:31
Modified
2025-10-13 04:53
Summary
Red Hat Security Advisory: idm:DL1 and idm:client security, bug fix, and enhancement update
Notes
Topic
An update for the idm:DL1 and idm:client modules is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.
The following packages have been upgraded to a later upstream version: ipa (4.8.7), softhsm (2.6.0), opendnssec (2.1.6). (BZ#1759888, BZ#1818765, BZ#1818877)
Security Fix(es):
* js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* js-jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* ipa: No password length restriction leads to denial of service (CVE-2020-1722)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the idm:DL1 and idm:client modules is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. \n\nThe following packages have been upgraded to a later upstream version: ipa (4.8.7), softhsm (2.6.0), opendnssec (2.1.6). (BZ#1759888, BZ#1818765, BZ#1818877)\n\nSecurity Fix(es):\n\n* js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* js-jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* ipa: No password length restriction leads to denial of service (CVE-2020-1722)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:4670",
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1430365",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1430365"
},
{
"category": "external",
"summary": "1488732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1488732"
},
{
"category": "external",
"summary": "1585020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1585020"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1651577",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1651577"
},
{
"category": "external",
"summary": "1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701233",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701233"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1746830",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746830"
},
{
"category": "external",
"summary": "1750893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1750893"
},
{
"category": "external",
"summary": "1751295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1751295"
},
{
"category": "external",
"summary": "1757045",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757045"
},
{
"category": "external",
"summary": "1759888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1759888"
},
{
"category": "external",
"summary": "1768156",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1768156"
},
{
"category": "external",
"summary": "1777806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1777806"
},
{
"category": "external",
"summary": "1793071",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793071"
},
{
"category": "external",
"summary": "1801698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801698"
},
{
"category": "external",
"summary": "1802471",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1802471"
},
{
"category": "external",
"summary": "1809835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1809835"
},
{
"category": "external",
"summary": "1810154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810154"
},
{
"category": "external",
"summary": "1810179",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810179"
},
{
"category": "external",
"summary": "1813330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813330"
},
{
"category": "external",
"summary": "1816784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816784"
},
{
"category": "external",
"summary": "1818765",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1818765"
},
{
"category": "external",
"summary": "1818877",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1818877"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1831732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831732"
},
{
"category": "external",
"summary": "1831935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831935"
},
{
"category": "external",
"summary": "1832331",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1832331"
},
{
"category": "external",
"summary": "1833266",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1833266"
},
{
"category": "external",
"summary": "1834264",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834264"
},
{
"category": "external",
"summary": "1834909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834909"
},
{
"category": "external",
"summary": "1845211",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845211"
},
{
"category": "external",
"summary": "1845537",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845537"
},
{
"category": "external",
"summary": "1845596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845596"
},
{
"category": "external",
"summary": "1846352",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1846352"
},
{
"category": "external",
"summary": "1846434",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1846434"
},
{
"category": "external",
"summary": "1847999",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1847999"
},
{
"category": "external",
"summary": "1849914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849914"
},
{
"category": "external",
"summary": "1851411",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851411"
},
{
"category": "external",
"summary": "1852244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1852244"
},
{
"category": "external",
"summary": "1853263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853263"
},
{
"category": "external",
"summary": "1857157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857157"
},
{
"category": "external",
"summary": "1858318",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1858318"
},
{
"category": "external",
"summary": "1859213",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1859213"
},
{
"category": "external",
"summary": "1863079",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1863079"
},
{
"category": "external",
"summary": "1863616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1863616"
},
{
"category": "external",
"summary": "1866291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866291"
},
{
"category": "external",
"summary": "1866938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866938"
},
{
"category": "external",
"summary": "1868432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868432"
},
{
"category": "external",
"summary": "1869311",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869311"
},
{
"category": "external",
"summary": "1870202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1870202"
},
{
"category": "external",
"summary": "1874015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874015"
},
{
"category": "external",
"summary": "1875348",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875348"
},
{
"category": "external",
"summary": "1879604",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1879604"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4670.json"
}
],
"title": "Red Hat Security Advisory: idm:DL1 and idm:client security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2025-10-13T04:53:18+00:00",
"generator": {
"date": "2025-10-13T04:53:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2020:4670",
"initial_release_date": "2020-11-04T01:31:18+00:00",
"revision_history": [
{
"date": "2020-11-04T01:31:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-11-04T01:31:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-13T04:53:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"product": {
"name": "custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm (idm:DL1)",
"product_id": "custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/custodia@0.6.0-3.module%2Bel8.1.0%2B4098%2Bf286395e?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"product": {
"name": "ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm (idm:DL1)",
"product_id": "ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"product": {
"name": "ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm (idm:DL1)",
"product_id": "ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-healthcheck@0.4-6.module%2Bel8.3.0%2B7710%2Be2408ce4?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"product": {
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm (idm:DL1)",
"product_id": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"product": {
"name": "python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm (idm:DL1)",
"product_id": "python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-jwcrypto@0.5.0-1.module%2Bel8.1.0%2B4098%2Bf286395e?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"product": {
"name": "python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm (idm:DL1)",
"product_id": "python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-kdcproxy@0.4-5.module%2Bel8.2.0%2B4691%2Ba05b2456?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"product": {
"name": "python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm (idm:DL1)",
"product_id": "python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-qrcode@5.1-12.module%2Bel8.1.0%2B4098%2Bf286395e?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"product": {
"name": "python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm (idm:DL1)",
"product_id": "python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-yubico@1.3.2-9.module%2Bel8.1.0%2B4098%2Bf286395e?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"product": {
"name": "pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm (idm:DL1)",
"product_id": "pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pyusb@1.0.0-9.module%2Bel8.1.0%2B4098%2Bf286395e?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"product": {
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm (idm:DL1)",
"product_id": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"product": {
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm (idm:DL1)",
"product_id": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"product": {
"name": "ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm (idm:client)",
"product_id": "ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=src\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"product": {
"name": "ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm (idm:client)",
"product_id": "ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-healthcheck@0.4-6.module%2Bel8.3.0%2B7711%2Bc4441980?arch=src\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"product": {
"name": "python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm (idm:client)",
"product_id": "python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-jwcrypto@0.5.0-1.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=src\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"product": {
"name": "python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm (idm:client)",
"product_id": "python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-qrcode@5.1-12.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=src\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"product": {
"name": "python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm (idm:client)",
"product_id": "python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-yubico@1.3.2-9.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=src\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"product": {
"name": "pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm (idm:client)",
"product_id": "pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pyusb@1.0.0-9.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=src\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debuginfo@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debugsource@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"product": {
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm (idm:DL1)",
"product_id": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"product": {
"name": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm (idm:DL1)",
"product_id": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debuginfo@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"product": {
"name": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm (idm:DL1)",
"product_id": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debugsource@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debuginfo@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debugsource@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"product": {
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm (idm:DL1)",
"product_id": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"product": {
"name": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm (idm:DL1)",
"product_id": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debuginfo@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"product": {
"name": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm (idm:DL1)",
"product_id": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debugsource@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"product": {
"name": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm (idm:DL1)",
"product_id": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-devel@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"product": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm (idm:client)",
"product_id": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=x86_64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"product": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm (idm:client)",
"product_id": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=x86_64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"product": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm (idm:client)",
"product_id": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=x86_64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"product": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm (idm:client)",
"product_id": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=x86_64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"product": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm (idm:client)",
"product_id": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=x86_64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"product": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm (idm:client)",
"product_id": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=x86_64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product": {
"name": "custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1)",
"product_id": "custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/custodia@0.6.0-3.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product": {
"name": "ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1)",
"product_id": "ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-common@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product": {
"name": "ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1)",
"product_id": "ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-common@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"product": {
"name": "ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm (idm:DL1)",
"product_id": "ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-healthcheck@0.4-6.module%2Bel8.3.0%2B7710%2Be2408ce4?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"product": {
"name": "ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm (idm:DL1)",
"product_id": "ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-healthcheck-core@0.4-6.module%2Bel8.3.0%2B7710%2Be2408ce4?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product": {
"name": "ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1)",
"product_id": "ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-python-compat@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product": {
"name": "ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1)",
"product_id": "ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-selinux@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product": {
"name": "ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1)",
"product_id": "ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-common@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product": {
"name": "ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1)",
"product_id": "ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-dns@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product": {
"name": "python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1)",
"product_id": "python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-custodia@0.6.0-3.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product": {
"name": "python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1)",
"product_id": "python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ipaclient@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product": {
"name": "python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1)",
"product_id": "python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ipalib@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product": {
"name": "python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1)",
"product_id": "python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ipaserver@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product": {
"name": "python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1)",
"product_id": "python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-jwcrypto@0.5.0-1.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"product": {
"name": "python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm (idm:DL1)",
"product_id": "python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-kdcproxy@0.4-5.module%2Bel8.2.0%2B4691%2Ba05b2456?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product": {
"name": "python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1)",
"product_id": "python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pyusb@1.0.0-9.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product": {
"name": "python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1)",
"product_id": "python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-qrcode@5.1-12.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product": {
"name": "python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1)",
"product_id": "python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-qrcode-core@5.1-12.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product": {
"name": "python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1)",
"product_id": "python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-yubico@1.3.2-9.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"product": {
"name": "ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm (idm:client)",
"product_id": "ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-common@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"product": {
"name": "ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm (idm:client)",
"product_id": "ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-common@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"product": {
"name": "ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm (idm:client)",
"product_id": "ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-healthcheck-core@0.4-6.module%2Bel8.3.0%2B7711%2Bc4441980?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"product": {
"name": "ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm (idm:client)",
"product_id": "ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-python-compat@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"product": {
"name": "ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm (idm:client)",
"product_id": "ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-selinux@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"product": {
"name": "python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm (idm:client)",
"product_id": "python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ipaclient@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"product": {
"name": "python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm (idm:client)",
"product_id": "python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ipalib@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"product": {
"name": "python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm (idm:client)",
"product_id": "python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-jwcrypto@0.5.0-1.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"product": {
"name": "python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm (idm:client)",
"product_id": "python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pyusb@1.0.0-9.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"product": {
"name": "python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm (idm:client)",
"product_id": "python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-qrcode@5.1-12.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"product": {
"name": "python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm (idm:client)",
"product_id": "python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-qrcode-core@5.1-12.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"product": {
"name": "python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm (idm:client)",
"product_id": "python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-yubico@1.3.2-9.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debuginfo@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debugsource@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"product": {
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm (idm:DL1)",
"product_id": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"product": {
"name": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm (idm:DL1)",
"product_id": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debuginfo@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"product": {
"name": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm (idm:DL1)",
"product_id": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debugsource@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debuginfo@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debugsource@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"product": {
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm (idm:DL1)",
"product_id": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"product": {
"name": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm (idm:DL1)",
"product_id": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debuginfo@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"product": {
"name": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm (idm:DL1)",
"product_id": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debugsource@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"product": {
"name": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm (idm:DL1)",
"product_id": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-devel@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"product": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm (idm:client)",
"product_id": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=s390x\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"product": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm (idm:client)",
"product_id": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=s390x\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"product": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm (idm:client)",
"product_id": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=s390x\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"product": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm (idm:client)",
"product_id": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=s390x\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"product": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm (idm:client)",
"product_id": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=s390x\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"product": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm (idm:client)",
"product_id": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=s390x\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debuginfo@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debugsource@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"product": {
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm (idm:DL1)",
"product_id": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"product": {
"name": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm (idm:DL1)",
"product_id": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debuginfo@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"product": {
"name": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm (idm:DL1)",
"product_id": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debugsource@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debuginfo@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debugsource@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"product": {
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm (idm:DL1)",
"product_id": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"product": {
"name": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm (idm:DL1)",
"product_id": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debuginfo@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"product": {
"name": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm (idm:DL1)",
"product_id": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debugsource@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"product": {
"name": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm (idm:DL1)",
"product_id": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-devel@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"product": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm (idm:client)",
"product_id": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=ppc64le\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"product": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm (idm:client)",
"product_id": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=ppc64le\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"product": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm (idm:client)",
"product_id": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=ppc64le\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"product": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm (idm:client)",
"product_id": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=ppc64le\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"product": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm (idm:client)",
"product_id": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=ppc64le\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"product": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm (idm:client)",
"product_id": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=ppc64le\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debuginfo@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debugsource@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"product": {
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm (idm:DL1)",
"product_id": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"product": {
"name": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm (idm:DL1)",
"product_id": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debuginfo@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"product": {
"name": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm (idm:DL1)",
"product_id": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debugsource@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debuginfo@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debugsource@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"product": {
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm (idm:DL1)",
"product_id": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"product": {
"name": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm (idm:DL1)",
"product_id": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debuginfo@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"product": {
"name": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm (idm:DL1)",
"product_id": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debugsource@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"product": {
"name": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm (idm:DL1)",
"product_id": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-devel@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"product": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm (idm:client)",
"product_id": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=aarch64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"product": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm (idm:client)",
"product_id": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=aarch64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"product": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm (idm:client)",
"product_id": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=aarch64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"product": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm (idm:client)",
"product_id": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=aarch64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"product": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm (idm:client)",
"product_id": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=aarch64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"product": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm (idm:client)",
"product_id": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=aarch64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1"
},
"product_reference": "custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1"
},
"product_reference": "custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1"
},
"product_reference": "ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client"
},
"product_reference": "ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client"
},
"product_reference": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client"
},
"product_reference": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client"
},
"product_reference": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client"
},
"product_reference": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1"
},
"product_reference": "ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client"
},
"product_reference": "ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client"
},
"product_reference": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client"
},
"product_reference": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client"
},
"product_reference": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client"
},
"product_reference": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client"
},
"product_reference": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client"
},
"product_reference": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client"
},
"product_reference": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client"
},
"product_reference": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client"
},
"product_reference": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client"
},
"product_reference": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client"
},
"product_reference": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client"
},
"product_reference": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1"
},
"product_reference": "ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client"
},
"product_reference": "ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client"
},
"product_reference": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client"
},
"product_reference": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client"
},
"product_reference": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client"
},
"product_reference": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client"
},
"product_reference": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client"
},
"product_reference": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client"
},
"product_reference": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client"
},
"product_reference": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1"
},
"product_reference": "ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1"
},
"product_reference": "ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client"
},
"product_reference": "ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1"
},
"product_reference": "ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client"
},
"product_reference": "ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1"
},
"product_reference": "ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client"
},
"product_reference": "ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1"
},
"product_reference": "ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client"
},
"product_reference": "ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1"
},
"product_reference": "ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1"
},
"product_reference": "ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1"
},
"product_reference": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1"
},
"product_reference": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1"
},
"product_reference": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1"
},
"product_reference": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1"
},
"product_reference": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1"
},
"product_reference": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1"
},
"product_reference": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1"
},
"product_reference": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1"
},
"product_reference": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1"
},
"product_reference": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1"
},
"product_reference": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1"
},
"product_reference": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1"
},
"product_reference": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1"
},
"product_reference": "python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client"
},
"product_reference": "python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1"
},
"product_reference": "python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1"
},
"product_reference": "python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client"
},
"product_reference": "python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1"
},
"product_reference": "python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client"
},
"product_reference": "python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1"
},
"product_reference": "python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1"
},
"product_reference": "python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client"
},
"product_reference": "python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1"
},
"product_reference": "python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client"
},
"product_reference": "python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1"
},
"product_reference": "python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1"
},
"product_reference": "python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client"
},
"product_reference": "python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1"
},
"product_reference": "python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1"
},
"product_reference": "python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client"
},
"product_reference": "python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1"
},
"product_reference": "python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client"
},
"product_reference": "python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1"
},
"product_reference": "python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client"
},
"product_reference": "python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1"
},
"product_reference": "python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client"
},
"product_reference": "python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1"
},
"product_reference": "pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client"
},
"product_reference": "pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1"
},
"product_reference": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1"
},
"product_reference": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1"
},
"product_reference": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1"
},
"product_reference": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1"
},
"product_reference": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
},
"product_reference": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1"
},
"product_reference": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1"
},
"product_reference": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1"
},
"product_reference": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
},
"product_reference": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1"
},
"product_reference": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1"
},
"product_reference": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1"
},
"product_reference": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
},
"product_reference": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1"
},
"product_reference": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1"
},
"product_reference": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1"
},
"product_reference": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
},
"product_reference": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"acknowledgments": [
{
"names": [
"Pritam Singh"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-1722",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1793071"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in IPA. When sending a very long password (\u003e= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading to a denial of service and the website becoming unresponsive. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ipa: No password length restriction leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1722"
},
{
"category": "external",
"summary": "RHBZ#1793071",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793071"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1722",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1722"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1722",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1722"
}
],
"release_date": "2020-04-14T04:26:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "ipa: No password length restriction leads to denial of service"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
}
]
}
rhsa-2023:0554
Vulnerability from csaf_redhat
Published
2023-01-31 13:15
Modified
2025-10-13 04:53
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jquery: Prototype pollution in object's prototype leading to denial of
service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute
(CVE-2018-14040)
* jquery: Untrusted code execution via <option> tag in HTML passed to DOM
manipulation methods (CVE-2020-11023)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method
(CVE-2020-11022)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy
(CVE-2018-14041)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability
(CVE-2022-45047)
* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of
Service attacks (CVE-2022-40152)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of
tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip or popover data-template attribute
(CVE-2019-8331)
* nodejs-moment: Regular expression denial of service (CVE-2017-18214)
* wildfly-elytron: possible timing attacks via use of unsafe comparator
(CVE-2022-3143)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS
(CVE-2022-42003)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jettison: memory exhaustion via user-supplied XML or JSON data
(CVE-2022-40150)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of\nservice, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute\n(CVE-2018-14040)\n\n* jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM\nmanipulation methods (CVE-2020-11023)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method\n(CVE-2020-11022)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy\n(CVE-2018-14041)\n\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability\n(CVE-2022-45047)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of\nService attacks (CVE-2022-40152)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of\ntooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute\n(CVE-2019-8331)\n\n* nodejs-moment: Regular expression denial of service (CVE-2017-18214)\n\n* wildfly-elytron: possible timing attacks via use of unsafe comparator\n(CVE-2022-3143)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS\n(CVE-2022-42003)\n\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data\n(CVE-2022-40150)\n\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0554",
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "JBEAP-23864",
"url": "https://issues.redhat.com/browse/JBEAP-23864"
},
{
"category": "external",
"summary": "JBEAP-23865",
"url": "https://issues.redhat.com/browse/JBEAP-23865"
},
{
"category": "external",
"summary": "JBEAP-23866",
"url": "https://issues.redhat.com/browse/JBEAP-23866"
},
{
"category": "external",
"summary": "JBEAP-23928",
"url": "https://issues.redhat.com/browse/JBEAP-23928"
},
{
"category": "external",
"summary": "JBEAP-24055",
"url": "https://issues.redhat.com/browse/JBEAP-24055"
},
{
"category": "external",
"summary": "JBEAP-24081",
"url": "https://issues.redhat.com/browse/JBEAP-24081"
},
{
"category": "external",
"summary": "JBEAP-24095",
"url": "https://issues.redhat.com/browse/JBEAP-24095"
},
{
"category": "external",
"summary": "JBEAP-24100",
"url": "https://issues.redhat.com/browse/JBEAP-24100"
},
{
"category": "external",
"summary": "JBEAP-24127",
"url": "https://issues.redhat.com/browse/JBEAP-24127"
},
{
"category": "external",
"summary": "JBEAP-24128",
"url": "https://issues.redhat.com/browse/JBEAP-24128"
},
{
"category": "external",
"summary": "JBEAP-24132",
"url": "https://issues.redhat.com/browse/JBEAP-24132"
},
{
"category": "external",
"summary": "JBEAP-24147",
"url": "https://issues.redhat.com/browse/JBEAP-24147"
},
{
"category": "external",
"summary": "JBEAP-24167",
"url": "https://issues.redhat.com/browse/JBEAP-24167"
},
{
"category": "external",
"summary": "JBEAP-24191",
"url": "https://issues.redhat.com/browse/JBEAP-24191"
},
{
"category": "external",
"summary": "JBEAP-24195",
"url": "https://issues.redhat.com/browse/JBEAP-24195"
},
{
"category": "external",
"summary": "JBEAP-24207",
"url": "https://issues.redhat.com/browse/JBEAP-24207"
},
{
"category": "external",
"summary": "JBEAP-24248",
"url": "https://issues.redhat.com/browse/JBEAP-24248"
},
{
"category": "external",
"summary": "JBEAP-24426",
"url": "https://issues.redhat.com/browse/JBEAP-24426"
},
{
"category": "external",
"summary": "JBEAP-24427",
"url": "https://issues.redhat.com/browse/JBEAP-24427"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0554.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update",
"tracking": {
"current_release_date": "2025-10-13T04:53:24+00:00",
"generator": {
"date": "2025-10-13T04:53:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2023:0554",
"initial_release_date": "2023-01-31T13:15:23+00:00",
"revision_history": [
{
"date": "2023-01-31T13:15:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-31T13:15:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-13T04:53:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 9",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.9.3-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.12.7-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el9eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.9.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria-enterprise@1.0.1-3.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jgroups@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jms@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-engine@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-orm@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-serialization-avro@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.16-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-24.Final_redhat_00023.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-24.Final_redhat_00023.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.9-4.GA_redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.9-4.GA_redhat_00003.1.el9eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2017-18214",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-03-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1553413"
}
],
"notes": [
{
"category": "description",
"text": "The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-moment: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of momentjs as shipped with Red Hat Enterprise Satellite 5. Red Hat Product Security has rated this issue as having security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.\n\nIn Quay 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-18214"
},
{
"category": "external",
"summary": "RHBZ#1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-18214",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18214"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214"
}
],
"release_date": "2017-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-moment: Regular expression denial of service"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14041",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14041"
},
{
"category": "external",
"summary": "RHBZ#1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nStatic code analysis controls ensure that security flaws, including XSS vulnerabilities, are detected early in development by scanning code for improper input handling. This prevents vulnerable code from reaching production and encourages our developers to follow secure coding practices. System monitoring controls play a crucial role in detecting and responding to XSS attacks by analyzing logs, monitoring user behavior, and generating alerts for suspicious activity. Meanwhile, AWS WAF (Web Application Firewall) adds an extra layer of defense by filtering and blocking malicious input before it reaches the platform and/or application. Together, these controls create a defense-in-depth approach, reducing the risk of XSS exploitation by preventing, detecting, and mitigating attacks at multiple levels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2022-3143",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124682"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: possible timing attacks via use of unsafe comparator",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3143"
},
{
"category": "external",
"summary": "RHBZ#2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: possible timing attacks via use of unsafe comparator"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40152"
},
{
"category": "external",
"summary": "RHBZ#2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4",
"url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "CXF: SSRF Vulnerability"
}
]
}
rhsa-2020:5571
Vulnerability from csaf_redhat
Published
2020-12-16 13:53
Modified
2025-10-10 01:34
Summary
Red Hat Security Advisory: python-XStatic-Bootstrap-SCSS security update
Notes
Topic
An update for python-XStatic-Bootstrap-SCSS is now available for Red Hat
OpenStack Platform 13 (Queens).
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
python-XStatic-Bootstrap-SCSS is the Bootstrap-SCSS JavaScript library packaged for setuptools / pip.
Security Fix(es):
* XSS in the data-target attribute (CVE-2016-10735)
* Cross-site Scripting (XSS) in the data-container property of tooltip
(CVE-2018-14042)
* XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* XSS in the affix configuration target property (CVE-2018-20677)
* XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for python-XStatic-Bootstrap-SCSS is now available for Red Hat\nOpenStack Platform 13 (Queens).\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "python-XStatic-Bootstrap-SCSS is the Bootstrap-SCSS JavaScript library packaged for setuptools / pip.\n\nSecurity Fix(es):\n\n* XSS in the data-target attribute (CVE-2016-10735)\n\n* Cross-site Scripting (XSS) in the data-container property of tooltip\n(CVE-2018-14042)\n\n* XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* XSS in the affix configuration target property (CVE-2018-20677)\n\n* XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:5571",
"url": "https://access.redhat.com/errata/RHSA-2020:5571"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5571.json"
}
],
"title": "Red Hat Security Advisory: python-XStatic-Bootstrap-SCSS security update",
"tracking": {
"current_release_date": "2025-10-10T01:34:42+00:00",
"generator": {
"date": "2025-10-10T01:34:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2020:5571",
"initial_release_date": "2020-12-16T13:53:36+00:00",
"revision_history": [
{
"date": "2020-12-16T13:53:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-12-16T13:53:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-10T01:34:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 13.0",
"product": {
"name": "Red Hat OpenStack Platform 13.0",
"product_id": "7Server-RH7-RHOS-13.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:13::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 13.0 for RHEL 7.6 EUS Server",
"product": {
"name": "Red Hat OpenStack Platform 13.0 for RHEL 7.6 EUS Server",
"product_id": "7Server-7.6.EUS-RH7-RHOS-13.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:13::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"product": {
"name": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"product_id": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-XStatic-Bootstrap-SCSS@3.4.1.0-1.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"product": {
"name": "xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"product_id": "xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xstatic-bootstrap-scss-common@3.4.1.0-1.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"product": {
"name": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"product_id": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-XStatic-Bootstrap-SCSS@3.4.1.0-1.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch as a component of Red Hat OpenStack Platform 13.0 for RHEL 7.6 EUS Server",
"product_id": "7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch"
},
"product_reference": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"relates_to_product_reference": "7Server-7.6.EUS-RH7-RHOS-13.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src as a component of Red Hat OpenStack Platform 13.0 for RHEL 7.6 EUS Server",
"product_id": "7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src"
},
"product_reference": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"relates_to_product_reference": "7Server-7.6.EUS-RH7-RHOS-13.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch as a component of Red Hat OpenStack Platform 13.0 for RHEL 7.6 EUS Server",
"product_id": "7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
},
"product_reference": "xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"relates_to_product_reference": "7Server-7.6.EUS-RH7-RHOS-13.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch as a component of Red Hat OpenStack Platform 13.0",
"product_id": "7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch"
},
"product_reference": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-13.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src as a component of Red Hat OpenStack Platform 13.0",
"product_id": "7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src"
},
"product_reference": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-13.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch as a component of Red Hat OpenStack Platform 13.0",
"product_id": "7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
},
"product_reference": "xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-13.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-16T13:53:36+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-16T13:53:36+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-16T13:53:36+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-16T13:53:36+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-16T13:53:36+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
}
]
}
rhsa-2023_0553
Vulnerability from csaf_redhat
Published
2023-01-31 13:12
Modified
2025-01-06 16:22
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jquery: Prototype pollution in object's prototype leading to denial of
service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute
(CVE-2018-14040)
* jquery: Untrusted code execution via <option> tag in HTML passed to DOM
manipulation methods (CVE-2020-11023)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method
(CVE-2020-11022)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy
(CVE-2018-14041)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability
(CVE-2022-45047)
* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of
Service attacks (CVE-2022-40152)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of
tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip or popover data-template attribute
(CVE-2019-8331)
* nodejs-moment: Regular expression denial of service (CVE-2017-18214)
* wildfly-elytron: possible timing attacks via use of unsafe comparator
(CVE-2022-3143)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS
(CVE-2022-42003)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jettison: memory exhaustion via user-supplied XML or JSON data
(CVE-2022-40150)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of\nservice, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute\n(CVE-2018-14040)\n\n* jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM\nmanipulation methods (CVE-2020-11023)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method\n(CVE-2020-11022)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy\n(CVE-2018-14041)\n\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability\n(CVE-2022-45047)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of\nService attacks (CVE-2022-40152)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of\ntooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute\n(CVE-2019-8331)\n\n* nodejs-moment: Regular expression denial of service (CVE-2017-18214)\n\n* wildfly-elytron: possible timing attacks via use of unsafe comparator\n(CVE-2022-3143)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS\n(CVE-2022-42003)\n\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data\n(CVE-2022-40150)\n\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0553",
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "JBEAP-23864",
"url": "https://issues.redhat.com/browse/JBEAP-23864"
},
{
"category": "external",
"summary": "JBEAP-23865",
"url": "https://issues.redhat.com/browse/JBEAP-23865"
},
{
"category": "external",
"summary": "JBEAP-23866",
"url": "https://issues.redhat.com/browse/JBEAP-23866"
},
{
"category": "external",
"summary": "JBEAP-23927",
"url": "https://issues.redhat.com/browse/JBEAP-23927"
},
{
"category": "external",
"summary": "JBEAP-24055",
"url": "https://issues.redhat.com/browse/JBEAP-24055"
},
{
"category": "external",
"summary": "JBEAP-24081",
"url": "https://issues.redhat.com/browse/JBEAP-24081"
},
{
"category": "external",
"summary": "JBEAP-24095",
"url": "https://issues.redhat.com/browse/JBEAP-24095"
},
{
"category": "external",
"summary": "JBEAP-24100",
"url": "https://issues.redhat.com/browse/JBEAP-24100"
},
{
"category": "external",
"summary": "JBEAP-24127",
"url": "https://issues.redhat.com/browse/JBEAP-24127"
},
{
"category": "external",
"summary": "JBEAP-24128",
"url": "https://issues.redhat.com/browse/JBEAP-24128"
},
{
"category": "external",
"summary": "JBEAP-24132",
"url": "https://issues.redhat.com/browse/JBEAP-24132"
},
{
"category": "external",
"summary": "JBEAP-24147",
"url": "https://issues.redhat.com/browse/JBEAP-24147"
},
{
"category": "external",
"summary": "JBEAP-24167",
"url": "https://issues.redhat.com/browse/JBEAP-24167"
},
{
"category": "external",
"summary": "JBEAP-24191",
"url": "https://issues.redhat.com/browse/JBEAP-24191"
},
{
"category": "external",
"summary": "JBEAP-24195",
"url": "https://issues.redhat.com/browse/JBEAP-24195"
},
{
"category": "external",
"summary": "JBEAP-24207",
"url": "https://issues.redhat.com/browse/JBEAP-24207"
},
{
"category": "external",
"summary": "JBEAP-24248",
"url": "https://issues.redhat.com/browse/JBEAP-24248"
},
{
"category": "external",
"summary": "JBEAP-24426",
"url": "https://issues.redhat.com/browse/JBEAP-24426"
},
{
"category": "external",
"summary": "JBEAP-24427",
"url": "https://issues.redhat.com/browse/JBEAP-24427"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0553.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update",
"tracking": {
"current_release_date": "2025-01-06T16:22:57+00:00",
"generator": {
"date": "2025-01-06T16:22:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.5"
}
},
"id": "RHSA-2023:0553",
"initial_release_date": "2023-01-31T13:12:13+00:00",
"revision_history": [
{
"date": "2023-01-31T13:12:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-31T13:12:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-06T16:22:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.9.3-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.12.7-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.9.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria-enterprise@1.0.1-3.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jgroups@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jms@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-engine@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-orm@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-serialization-avro@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.16-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-24.Final_redhat_00023.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-24.Final_redhat_00023.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.9-4.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.9-4.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2017-18214",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-03-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1553413"
}
],
"notes": [
{
"category": "description",
"text": "The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-moment: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of momentjs as shipped with Red Hat Enterprise Satellite 5. Red Hat Product Security has rated this issue as having security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-18214"
},
{
"category": "external",
"summary": "RHBZ#1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-18214",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18214"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214"
}
],
"release_date": "2017-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-moment: Regular expression denial of service"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14041",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14041"
},
{
"category": "external",
"summary": "RHBZ#1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2022-3143",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124682"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: possible timing attacks via use of unsafe comparator",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3143"
},
{
"category": "external",
"summary": "RHBZ#2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: possible timing attacks via use of unsafe comparator"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40152"
},
{
"category": "external",
"summary": "RHBZ#2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4",
"url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "CXF: SSRF Vulnerability"
}
]
}
rhsa-2020_5571
Vulnerability from csaf_redhat
Published
2020-12-16 13:53
Modified
2024-11-15 01:09
Summary
Red Hat Security Advisory: python-XStatic-Bootstrap-SCSS security update
Notes
Topic
An update for python-XStatic-Bootstrap-SCSS is now available for Red Hat
OpenStack Platform 13 (Queens).
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
python-XStatic-Bootstrap-SCSS is the Bootstrap-SCSS JavaScript library packaged for setuptools / pip.
Security Fix(es):
* XSS in the data-target attribute (CVE-2016-10735)
* Cross-site Scripting (XSS) in the data-container property of tooltip
(CVE-2018-14042)
* XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* XSS in the affix configuration target property (CVE-2018-20677)
* XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for python-XStatic-Bootstrap-SCSS is now available for Red Hat\nOpenStack Platform 13 (Queens).\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "python-XStatic-Bootstrap-SCSS is the Bootstrap-SCSS JavaScript library packaged for setuptools / pip.\n\nSecurity Fix(es):\n\n* XSS in the data-target attribute (CVE-2016-10735)\n\n* Cross-site Scripting (XSS) in the data-container property of tooltip\n(CVE-2018-14042)\n\n* XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* XSS in the affix configuration target property (CVE-2018-20677)\n\n* XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:5571",
"url": "https://access.redhat.com/errata/RHSA-2020:5571"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5571.json"
}
],
"title": "Red Hat Security Advisory: python-XStatic-Bootstrap-SCSS security update",
"tracking": {
"current_release_date": "2024-11-15T01:09:15+00:00",
"generator": {
"date": "2024-11-15T01:09:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2020:5571",
"initial_release_date": "2020-12-16T13:53:36+00:00",
"revision_history": [
{
"date": "2020-12-16T13:53:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-12-16T13:53:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-15T01:09:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 13.0",
"product": {
"name": "Red Hat OpenStack Platform 13.0",
"product_id": "7Server-RH7-RHOS-13.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:13::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 13.0 for RHEL 7.6 EUS Server",
"product": {
"name": "Red Hat OpenStack Platform 13.0 for RHEL 7.6 EUS Server",
"product_id": "7Server-7.6.EUS-RH7-RHOS-13.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:13::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"product": {
"name": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"product_id": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-XStatic-Bootstrap-SCSS@3.4.1.0-1.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"product": {
"name": "xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"product_id": "xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xstatic-bootstrap-scss-common@3.4.1.0-1.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"product": {
"name": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"product_id": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-XStatic-Bootstrap-SCSS@3.4.1.0-1.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch as a component of Red Hat OpenStack Platform 13.0 for RHEL 7.6 EUS Server",
"product_id": "7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch"
},
"product_reference": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"relates_to_product_reference": "7Server-7.6.EUS-RH7-RHOS-13.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src as a component of Red Hat OpenStack Platform 13.0 for RHEL 7.6 EUS Server",
"product_id": "7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src"
},
"product_reference": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"relates_to_product_reference": "7Server-7.6.EUS-RH7-RHOS-13.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch as a component of Red Hat OpenStack Platform 13.0 for RHEL 7.6 EUS Server",
"product_id": "7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
},
"product_reference": "xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"relates_to_product_reference": "7Server-7.6.EUS-RH7-RHOS-13.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch as a component of Red Hat OpenStack Platform 13.0",
"product_id": "7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch"
},
"product_reference": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-13.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src as a component of Red Hat OpenStack Platform 13.0",
"product_id": "7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src"
},
"product_reference": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-13.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch as a component of Red Hat OpenStack Platform 13.0",
"product_id": "7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
},
"product_reference": "xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-13.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-16T13:53:36+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-16T13:53:36+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-16T13:53:36+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-16T13:53:36+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-16T13:53:36+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
}
]
}
rhsa-2020:4847
Vulnerability from csaf_redhat
Published
2020-11-04 01:39
Modified
2025-10-13 04:53
Summary
Red Hat Security Advisory: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
Notes
Topic
An update for the pki-core:10.6 and pki-deps:10.6 modules is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.
Security Fix(es):
* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)
* pki: Dogtag's python client does not validate certificates (CVE-2020-15720)
* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)
* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)
* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)
* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the pki-core:10.6 and pki-deps:10.6 modules is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.\n\nSecurity Fix(es):\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* jquery: Passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\n* pki: Dogtag\u0027s python client does not validate certificates (CVE-2020-15720)\n\n* pki-core: Reflected XSS in \u0027path length\u0027 constraint field in CA\u0027s Agent page (CVE-2019-10146)\n\n* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA\u0027s DRM agent page in authorize recovery tab (CVE-2019-10179)\n\n* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)\n\n* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:4847",
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/"
},
{
"category": "external",
"summary": "1376706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1376706"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1406505",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406505"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1666907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666907"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1695901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695901"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1706521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1706521"
},
{
"category": "external",
"summary": "1710171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710171"
},
{
"category": "external",
"summary": "1721684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1721684"
},
{
"category": "external",
"summary": "1724433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1724433"
},
{
"category": "external",
"summary": "1732565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732565"
},
{
"category": "external",
"summary": "1732981",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732981"
},
{
"category": "external",
"summary": "1777579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1777579"
},
{
"category": "external",
"summary": "1805541",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805541"
},
{
"category": "external",
"summary": "1817247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817247"
},
{
"category": "external",
"summary": "1821851",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821851"
},
{
"category": "external",
"summary": "1822246",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1822246"
},
{
"category": "external",
"summary": "1824939",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824939"
},
{
"category": "external",
"summary": "1824948",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824948"
},
{
"category": "external",
"summary": "1825998",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825998"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1842734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1842734"
},
{
"category": "external",
"summary": "1842736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1842736"
},
{
"category": "external",
"summary": "1843537",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843537"
},
{
"category": "external",
"summary": "1845447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845447"
},
{
"category": "external",
"summary": "1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "1854043",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854043"
},
{
"category": "external",
"summary": "1854959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854959"
},
{
"category": "external",
"summary": "1855273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1855273"
},
{
"category": "external",
"summary": "1855319",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1855319"
},
{
"category": "external",
"summary": "1856368",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856368"
},
{
"category": "external",
"summary": "1857933",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857933"
},
{
"category": "external",
"summary": "1861911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861911"
},
{
"category": "external",
"summary": "1869893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869893"
},
{
"category": "external",
"summary": "1871064",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1871064"
},
{
"category": "external",
"summary": "1873235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1873235"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4847.json"
}
],
"title": "Red Hat Security Advisory: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2025-10-13T04:53:20+00:00",
"generator": {
"date": "2025-10-13T04:53:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2020:4847",
"initial_release_date": "2020-11-04T01:39:43+00:00",
"revision_history": [
{
"date": "2020-11-04T01:39:43+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-11-04T01:39:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-13T04:53:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-collections@3.2.2-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-lang@2.6-21.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"product": {
"name": "apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm (pki-deps:10.6)",
"product_id": "apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-net@3.6-3.module%2Bel8.3.0%2B6805%2B72837426?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bea-stax-api@1.2.0-16.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-fastinfoset@1.2.13-9.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb-api@2.2.12-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb-core@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb-runtime@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb-txw2@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"product": {
"name": "jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm (pki-deps:10.6)",
"product_id": "jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-annotations@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"product": {
"name": "jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm (pki-deps:10.6)",
"product_id": "jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-core@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"product": {
"name": "jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm (pki-deps:10.6)",
"product_id": "jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-databind@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"product": {
"name": "jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm (pki-deps:10.6)",
"product_id": "jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-jaxrs-json-provider@2.9.9-1.module%2Bel8.1.0%2B3832%2B9784644d?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"product": {
"name": "jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm (pki-deps:10.6)",
"product_id": "jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-jaxrs-providers@2.9.9-1.module%2Bel8.1.0%2B3832%2B9784644d?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-module-jaxb-annotations@2.7.6-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jakarta-commons-httpclient@3.1-28.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026epoch=1\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/javassist@3.18.1-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/javassist-javadoc@3.18.1-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"product": {
"name": "pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm (pki-deps:10.6)",
"product_id": "pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-servlet-4.0-api@9.0.30-1.module%2Bel8.3.0%2B6730%2B8f9c6254?arch=noarch\u0026epoch=1\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"product": {
"name": "pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm (pki-deps:10.6)",
"product_id": "pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-servlet-engine@9.0.30-1.module%2Bel8.3.0%2B6730%2B8f9c6254?arch=noarch\u0026epoch=1\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/relaxngDatatype@2011.1-7.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"product": {
"name": "resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm (pki-deps:10.6)",
"product_id": "resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/resteasy@3.0.26-3.module%2Bel8.2.0%2B5723%2B4574fbff?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slf4j@1.7.25-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slf4j-jdk14@1.7.25-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"product": {
"name": "stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm (pki-deps:10.6)",
"product_id": "stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stax-ex@1.7.7-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/velocity@1.7-24.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xalan-j2@2.7.1-38.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xerces-j2@2.11.0-34.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xml-commons-apis@1.4.01-25.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xml-commons-resolver@1.2-26.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"product": {
"name": "xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm (pki-deps:10.6)",
"product_id": "xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xmlstreambuffer@1.5.4-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xsom@0-19.20110809svn.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"product": {
"name": "ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm (pki-core:10.6)",
"product_id": "ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ldapjdk@4.22.0-1.module%2Bel8.3.0%2B6784%2B6e1e4c62?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"product": {
"name": "ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm (pki-core:10.6)",
"product_id": "ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ldapjdk-javadoc@4.22.0-1.module%2Bel8.3.0%2B6784%2B6e1e4c62?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"product": {
"name": "pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm (pki-core:10.6)",
"product_id": "pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-base@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"product": {
"name": "pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm (pki-core:10.6)",
"product_id": "pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-base-java@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"product": {
"name": "pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm (pki-core:10.6)",
"product_id": "pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-ca@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"product": {
"name": "pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm (pki-core:10.6)",
"product_id": "pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-kra@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"product": {
"name": "pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm (pki-core:10.6)",
"product_id": "pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-server@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"product": {
"name": "python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm (pki-core:10.6)",
"product_id": "python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pki@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"product": {
"name": "tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm (pki-core:10.6)",
"product_id": "tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcatjss@7.5.0-1.module%2Bel8.3.0%2B7355%2Bc59bcbd9?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-collections@3.2.2-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-lang@2.6-21.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"product": {
"name": "apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm (pki-deps:10.6)",
"product_id": "apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-net@3.6-3.module%2Bel8.3.0%2B6805%2B72837426?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bea-stax@1.2.0-16.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-fastinfoset@1.2.13-9.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb-api@2.2.12-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"product": {
"name": "jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm (pki-deps:10.6)",
"product_id": "jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-annotations@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"product": {
"name": "jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm (pki-deps:10.6)",
"product_id": "jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-core@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"product": {
"name": "jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm (pki-deps:10.6)",
"product_id": "jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-databind@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"product": {
"name": "jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm (pki-deps:10.6)",
"product_id": "jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-jaxrs-providers@2.9.9-1.module%2Bel8.1.0%2B3832%2B9784644d?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-module-jaxb-annotations@2.7.6-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jakarta-commons-httpclient@3.1-28.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026epoch=1\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/javassist@3.18.1-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"product": {
"name": "pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm (pki-deps:10.6)",
"product_id": "pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-servlet-engine@9.0.30-1.module%2Bel8.3.0%2B6730%2B8f9c6254?arch=src\u0026epoch=1\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/relaxngDatatype@2011.1-7.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"product": {
"name": "resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm (pki-deps:10.6)",
"product_id": "resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/resteasy@3.0.26-3.module%2Bel8.2.0%2B5723%2B4574fbff?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slf4j@1.7.25-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"product": {
"name": "stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm (pki-deps:10.6)",
"product_id": "stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stax-ex@1.7.7-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/velocity@1.7-24.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xalan-j2@2.7.1-38.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xerces-j2@2.11.0-34.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xml-commons-apis@1.4.01-25.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xml-commons-resolver@1.2-26.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"product": {
"name": "xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm (pki-deps:10.6)",
"product_id": "xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xmlstreambuffer@1.5.4-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xsom@0-19.20110809svn.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"product": {
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm (pki-core:10.6)",
"product_id": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=src\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"product": {
"name": "ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm (pki-core:10.6)",
"product_id": "ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ldapjdk@4.22.0-1.module%2Bel8.3.0%2B6784%2B6e1e4c62?arch=src\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"product": {
"name": "pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm (pki-core:10.6)",
"product_id": "pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=src\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"product": {
"name": "tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm (pki-core:10.6)",
"product_id": "tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcatjss@7.5.0-1.module%2Bel8.3.0%2B7355%2Bc59bcbd9?arch=src\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"product": {
"name": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm (pki-deps:10.6)",
"product_id": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"product": {
"name": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm (pki-deps:10.6)",
"product_id": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"product": {
"name": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm (pki-deps:10.6)",
"product_id": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"product": {
"name": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm (pki-deps:10.6)",
"product_id": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product": {
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6)",
"product_id": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product": {
"name": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6)",
"product_id": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product": {
"name": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6)",
"product_id": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product": {
"name": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6)",
"product_id": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product": {
"name": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6)",
"product_id": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product": {
"name": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6)",
"product_id": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product": {
"name": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6)",
"product_id": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product": {
"name": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6)",
"product_id": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product": {
"name": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6)",
"product_id": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product": {
"name": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6)",
"product_id": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"product": {
"name": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm (pki-deps:10.6)",
"product_id": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"product": {
"name": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm (pki-deps:10.6)",
"product_id": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"product": {
"name": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm (pki-deps:10.6)",
"product_id": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"product": {
"name": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm (pki-deps:10.6)",
"product_id": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product": {
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6)",
"product_id": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product": {
"name": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6)",
"product_id": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product": {
"name": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6)",
"product_id": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product": {
"name": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6)",
"product_id": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product": {
"name": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6)",
"product_id": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product": {
"name": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6)",
"product_id": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product": {
"name": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6)",
"product_id": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product": {
"name": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6)",
"product_id": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product": {
"name": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6)",
"product_id": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product": {
"name": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6)",
"product_id": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"product": {
"name": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm (pki-deps:10.6)",
"product_id": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"product": {
"name": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm (pki-deps:10.6)",
"product_id": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"product": {
"name": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm (pki-deps:10.6)",
"product_id": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"product": {
"name": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm (pki-deps:10.6)",
"product_id": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product": {
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6)",
"product_id": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product": {
"name": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6)",
"product_id": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product": {
"name": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6)",
"product_id": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product": {
"name": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6)",
"product_id": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product": {
"name": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6)",
"product_id": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product": {
"name": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6)",
"product_id": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product": {
"name": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6)",
"product_id": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product": {
"name": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6)",
"product_id": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product": {
"name": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6)",
"product_id": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product": {
"name": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6)",
"product_id": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"product": {
"name": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm (pki-deps:10.6)",
"product_id": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"product": {
"name": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm (pki-deps:10.6)",
"product_id": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"product": {
"name": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm (pki-deps:10.6)",
"product_id": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"product": {
"name": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm (pki-deps:10.6)",
"product_id": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product": {
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6)",
"product_id": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product": {
"name": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6)",
"product_id": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product": {
"name": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6)",
"product_id": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product": {
"name": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6)",
"product_id": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product": {
"name": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6)",
"product_id": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product": {
"name": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6)",
"product_id": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product": {
"name": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6)",
"product_id": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product": {
"name": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6)",
"product_id": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product": {
"name": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6)",
"product_id": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product": {
"name": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6)",
"product_id": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6"
},
"product_reference": "apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6"
},
"product_reference": "apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6"
},
"product_reference": "jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6"
},
"product_reference": "jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6"
},
"product_reference": "jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6"
},
"product_reference": "jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6"
},
"product_reference": "jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6"
},
"product_reference": "jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6"
},
"product_reference": "jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6"
},
"product_reference": "jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6"
},
"product_reference": "jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6"
},
"product_reference": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6"
},
"product_reference": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6"
},
"product_reference": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6"
},
"product_reference": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6"
},
"product_reference": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6"
},
"product_reference": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6"
},
"product_reference": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6"
},
"product_reference": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6"
},
"product_reference": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6"
},
"product_reference": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6"
},
"product_reference": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6"
},
"product_reference": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6"
},
"product_reference": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6"
},
"product_reference": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6"
},
"product_reference": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6"
},
"product_reference": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6"
},
"product_reference": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6"
},
"product_reference": "ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6"
},
"product_reference": "ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6"
},
"product_reference": "ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6"
},
"product_reference": "pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6"
},
"product_reference": "pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6"
},
"product_reference": "pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6"
},
"product_reference": "pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6"
},
"product_reference": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6"
},
"product_reference": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6"
},
"product_reference": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6"
},
"product_reference": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6"
},
"product_reference": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6"
},
"product_reference": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6"
},
"product_reference": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6"
},
"product_reference": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6"
},
"product_reference": "pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6"
},
"product_reference": "pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6"
},
"product_reference": "pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6"
},
"product_reference": "pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6"
},
"product_reference": "pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6"
},
"product_reference": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6"
},
"product_reference": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6"
},
"product_reference": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6"
},
"product_reference": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6"
},
"product_reference": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6"
},
"product_reference": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6"
},
"product_reference": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6"
},
"product_reference": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6"
},
"product_reference": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6"
},
"product_reference": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6"
},
"product_reference": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6"
},
"product_reference": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6"
},
"product_reference": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6"
},
"product_reference": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6"
},
"product_reference": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6"
},
"product_reference": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6"
},
"product_reference": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6"
},
"product_reference": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6"
},
"product_reference": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6"
},
"product_reference": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6"
},
"product_reference": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6"
},
"product_reference": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6"
},
"product_reference": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6"
},
"product_reference": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6"
},
"product_reference": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6"
},
"product_reference": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6"
},
"product_reference": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6"
},
"product_reference": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6"
},
"product_reference": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6"
},
"product_reference": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6"
},
"product_reference": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6"
},
"product_reference": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6"
},
"product_reference": "python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6"
},
"product_reference": "resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6"
},
"product_reference": "resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6"
},
"product_reference": "stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6"
},
"product_reference": "stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6"
},
"product_reference": "tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6"
},
"product_reference": "tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6"
},
"product_reference": "xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6"
},
"product_reference": "xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"acknowledgments": [
{
"names": [
"Pritam Singh"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-10146",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1710171"
}
],
"notes": [
{
"category": "description",
"text": "A Reflected Cross Site Scripting flaw was found in the pki-ca module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim\u0027s browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki-core: Reflected XSS in \u0027path length\u0027 constraint field in CA\u0027s Agent page",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is considered Low, because it requires the attacker to first request or predict a valid nonce. Without a valid nonce, no arbitrary HTML will be sent back to the victim\u0027s browser.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10146"
},
{
"category": "external",
"summary": "RHBZ#1710171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10146",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10146"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10146",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10146"
}
],
"release_date": "2020-02-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pki-core: Reflected XSS in \u0027path length\u0027 constraint field in CA\u0027s Agent page"
},
{
"acknowledgments": [
{
"names": [
"Pritam Singh"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-10179",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-04-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1695901"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA\u0027s DRM agent page in authorize recovery tab",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10179"
},
{
"category": "external",
"summary": "RHBZ#1695901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695901"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10179",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10179"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10179",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10179"
}
],
"release_date": "2020-02-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA\u0027s DRM agent page in authorize recovery tab"
},
{
"acknowledgments": [
{
"names": [
"Pritam Singh"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-10221",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-07-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1732565"
}
],
"notes": [
{
"category": "description",
"text": "A Reflected Cross Site Scripting vulnerability was found in the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki-core: Reflected XSS in getcookies?url= endpoint in CA",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10221"
},
{
"category": "external",
"summary": "RHBZ#1732565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732565"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10221",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10221"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10221",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10221"
}
],
"release_date": "2020-02-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pki-core: Reflected XSS in getcookies?url= endpoint in CA"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"acknowledgments": [
{
"names": [
"Pritam Singh"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-1721",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-11-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1777579"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Key Recovery Authority (KRA) Agent Service where it did not properly sanitize the recovery ID during a key recovery request, enabling a Reflected Cross-Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki-core: KRA vulnerable to reflected XSS via the getPk12 page",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1721"
},
{
"category": "external",
"summary": "RHBZ#1777579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1777579"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1721",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1721"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1721",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1721"
}
],
"release_date": "2020-02-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pki-core: KRA vulnerable to reflected XSS via the getPk12 page"
},
{
"acknowledgments": [
{
"names": [
"@ZeddYu"
],
"organization": "Apache Tomcat Security Team"
}
],
"cve": "CVE-2020-1935",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-12-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1806835"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Tomcat. The HTTP header parsing code used an approach to end-of-line (EOL) parsing that allowed some invalid HTTP headers to be parsed as valid. This led to the possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. The highest threat with this vulnerability is system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenDaylight in Red Hat OpenStack 10 \u0026 13 was in technical preview status, because of this no fixes will be released for it.\n\nIn Red Hat Satellite 6, Candlepin is using Tomcat to provide a REST API, and has been found to be vulnerable to the flaw. However, it is currently believed that no useful attacks can be carried over.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1935"
},
{
"category": "external",
"summary": "RHBZ#1806835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806835"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1935",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1935"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1935",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1935"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31",
"url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31"
}
],
"release_date": "2020-02-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
},
{
"category": "workaround",
"details": "Workaround for Red Hat Satellite 6 is to add iptables rule to deny TCP requests of Tomcat that are not originating from the Satellite.\n\nFor other Red Hat products, either mitigation isn\u0027t available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling"
},
{
"cve": "CVE-2020-1938",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2020-02-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1806398"
}
],
"notes": [
{
"category": "description",
"text": "CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251 and CVE page https://access.redhat.com/security/cve/cve-2020-1745",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1938"
},
{
"category": "external",
"summary": "RHBZ#1806398",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806398"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1938",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1938"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938"
},
{
"category": "external",
"summary": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/",
"url": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31",
"url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31"
},
{
"category": "external",
"summary": "https://www.cnvd.org.cn/webinfo/show/5415",
"url": "https://www.cnvd.org.cn/webinfo/show/5415"
},
{
"category": "external",
"summary": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487",
"url": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
},
{
"category": "workaround",
"details": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-03T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nStatic code analysis controls ensure that security flaws, including XSS vulnerabilities, are detected early in development by scanning code for improper input handling. This prevents vulnerable code from reaching production and encourages our developers to follow secure coding practices. System monitoring controls play a crucial role in detecting and responding to XSS attacks by analyzing logs, monitoring user behavior, and generating alerts for suspicious activity. Meanwhile, AWS WAF (Web Application Firewall) adds an extra layer of defense by filtering and blocking malicious input before it reaches the platform and/or application. Together, these controls create a defense-in-depth approach, reducing the risk of XSS exploitation by preventing, detecting, and mitigating attacks at multiple levels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"acknowledgments": [
{
"names": [
"Christian Heimes"
]
}
],
"cve": "CVE-2020-15720",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1855273"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in PKI, where the dogtag\u0027s pki.client.PKIConnection class disables the python-requests certificate validation. This flaw allows an attacker to intercept a connection between a FreeIPA client and a server, and execute an active Man-in-the-Middle attack. The highest threat from this vulnerability is to confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki: Dogtag\u0027s python client does not validate certificates",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In PKI, the pki.client.PKIConnection python class is used by the `pki-server` and `pkispawn` commands. `pki-server` runs locally on the server, thus not subject to a Person in the Middle attack. `pkispawn` may access remote node in decentralized or cloned contexts.\n\nIdentity Management (IPA) command line interface (the vault related sub-commands) may call pki.client.PKIConnection().",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15720"
},
{
"category": "external",
"summary": "RHBZ#1855273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1855273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15720",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15720"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15720",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15720"
}
],
"release_date": "2020-06-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "pki: Dogtag\u0027s python client does not validate certificates"
},
{
"cve": "CVE-2020-25715",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-10-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1891016"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in pki-core. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting (XSS) attack to inject code into the search query form which can get automatically executed. The highest threat from this vulnerability is to data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki-core: XSS in the certificate search results",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 8.3 (pki-core 10.9.4) contains mitigations that prevents the vulnerability to be exploited. Red Hat Enterprise Linux version 8 prior to 8.3 are vulnerable to this version",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25715"
},
{
"category": "external",
"summary": "RHBZ#1891016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891016"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25715",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25715"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25715",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25715"
}
],
"release_date": "2021-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
},
{
"category": "workaround",
"details": "Because the cross-site scripting (XSS) attack requires the victim to have their RHCS certificate installed in their web browser to be successful, it is recommended that web browser not hold the keys and that the user use the command line interface (CLI) instead.",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "pki-core: XSS in the certificate search results"
},
{
"cve": "CVE-2022-25762",
"cwe": {
"id": "CWE-226",
"name": "Sensitive Information in Resource Not Removed Before Reuse"
},
"discovery_date": "2022-05-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2085304"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the tomcat package. When a web application sends a WebSocket message concurrently with the WebSocket connection closing, the application may continue to use the socket after it has been closed. In this case, the error handling triggered could cause the pooled object to be placed in the pool twice. This issue results in subsequent connections using the same object concurrently, which causes data to be potentially returned to the wrong user or application stability issues.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: request mixup",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25762"
},
{
"category": "external",
"summary": "RHBZ#2085304",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2085304"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25762",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25762"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25762",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25762"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.76",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.76"
}
],
"release_date": "2022-05-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: request mixup"
}
]
}
rhba-2019:1570
Vulnerability from csaf_redhat
Published
2019-06-20 14:47
Modified
2025-10-10 01:33
Summary
Red Hat Bug Fix Advisory: ovirt-engine-api-explorer bug fix and enhancement update for RHV 4.3.4
Notes
Topic
Updated ovirt-engine-api-explorer packages that fix several bugs and add various enhancements are now available.
Details
The ovirt-engine-api-explorer package provides a web application for exploring the oVirt API documentation.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated ovirt-engine-api-explorer packages that fix several bugs and add various enhancements are now available.",
"title": "Topic"
},
{
"category": "general",
"text": "The ovirt-engine-api-explorer package provides a web application for exploring the oVirt API documentation.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2019:1570",
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
},
{
"category": "external",
"summary": "1710688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710688"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhba-2019_1570.json"
}
],
"title": "Red Hat Bug Fix Advisory: ovirt-engine-api-explorer bug fix and enhancement update for RHV 4.3.4",
"tracking": {
"current_release_date": "2025-10-10T01:33:44+00:00",
"generator": {
"date": "2025-10-10T01:33:44+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHBA-2019:1570",
"initial_release_date": "2019-06-20T14:47:51+00:00",
"revision_history": [
{
"date": "2019-06-20T14:47:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-06-20T14:47:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-10T01:33:44+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHV-M 4.3",
"product": {
"name": "RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhev_manager:4.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src",
"product": {
"name": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src",
"product_id": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-api-explorer@0.0.5-1.el7ev?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"product": {
"name": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"product_id": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-api-explorer@0.0.5-1.el7ev?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch as a component of RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch"
},
"product_reference": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHV-S-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src as a component of RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
},
"product_reference": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src",
"relates_to_product_reference": "7Server-RHV-S-4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-20T14:47:51+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-20T14:47:51+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-20T14:47:51+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-20T14:47:51+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
}
]
}
RHSA-2020:0132
Vulnerability from csaf_redhat
Published
2020-01-16 16:02
Modified
2025-10-10 01:34
Summary
Red Hat Security Advisory: Red Hat Process Automation Manager 7.6.0 Security Update
Notes
Topic
An update is now available for Red Hat Process Automation Manager.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services.
This release of Red Hat Process Automation Manager 7.6.0 serves as an update to Red Hat Process Automation Manager 7.5.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* Business-central: Encrypted password shown under Object id 7 of errai_security_context (CVE-2019-14886)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Process Automation Manager.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services.\n\nThis release of Red Hat Process Automation Manager 7.6.0 serves as an update to Red Hat Process Automation Manager 7.5.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* Business-central: Encrypted password shown under Object id 7 of errai_security_context (CVE-2019-14886)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:0132",
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=rhpam\u0026version=7.6.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=rhpam\u0026version=7.6.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_process_automation_manager/7.6/html/release_notes_for_red_hat_process_automation_manager_7.6/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_process_automation_manager/7.6/html/release_notes_for_red_hat_process_automation_manager_7.6/index"
},
{
"category": "external",
"summary": "1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1771354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771354"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0132.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Process Automation Manager 7.6.0 Security Update",
"tracking": {
"current_release_date": "2025-10-10T01:34:08+00:00",
"generator": {
"date": "2025-10-10T01:34:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2020:0132",
"initial_release_date": "2020-01-16T16:02:02+00:00",
"revision_history": [
{
"date": "2020-01-16T16:02:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-01-16T16:02:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-10T01:34:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Process Automation 7",
"product": {
"name": "Red Hat Process Automation 7",
"product_id": "Red Hat Process Automation 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7.6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Process Automation Manager"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Process Automation 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-16T16:02:02+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Process Automation 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Process Automation 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Process Automation 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-16T16:02:02+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Process Automation 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Process Automation 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Process Automation 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-16T16:02:02+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Process Automation 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Process Automation 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-14886",
"cwe": {
"id": "CWE-312",
"name": "Cleartext Storage of Sensitive Information"
},
"discovery_date": "2019-11-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1771354"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in business-central where encoded passwords are stored in errai_security_context. The encoding used for storing the passwords is Base64, not an encryption algorithm, and any recovery of these passwords could lead to user passwords being exposed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Business-central: Encrypted password shown under Object id 7 of errai_security_context",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Process Automation 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14886"
},
{
"category": "external",
"summary": "RHBZ#1771354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771354"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14886",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14886"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14886",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14886"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/?utm_medium=email\u0026utm_source=footer#!msg/jbpm-usage/74pSuwfGKRU/0oXpmRScBQAJ",
"url": "https://groups.google.com/forum/?utm_medium=email\u0026utm_source=footer#!msg/jbpm-usage/74pSuwfGKRU/0oXpmRScBQAJ"
}
],
"release_date": "2019-09-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-16T16:02:02+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Process Automation 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Process Automation 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Business-central: Encrypted password shown under Object id 7 of errai_security_context"
}
]
}
RHBA-2019:1076
Vulnerability from csaf_redhat
Published
2019-05-08 12:47
Modified
2025-10-10 01:33
Summary
Red Hat Bug Fix Advisory: ovirt-engine-api-explorer bug fix and enhancement update for RHV 4.3
Notes
Topic
Updated ovirt-engine-api-explorer packages that fix several bugs and add various enhancements are now available.
Details
The ovirt-engine-api-explorer package provides a web application for exploring the oVirt API documentation.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated ovirt-engine-api-explorer packages that fix several bugs and add various enhancements are now available.",
"title": "Topic"
},
{
"category": "general",
"text": "The ovirt-engine-api-explorer package provides a web application for exploring the oVirt API documentation.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2019:1076",
"url": "https://access.redhat.com/errata/RHBA-2019:1076"
},
{
"category": "external",
"summary": "1639272",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1639272"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhba-2019_1076.json"
}
],
"title": "Red Hat Bug Fix Advisory: ovirt-engine-api-explorer bug fix and enhancement update for RHV 4.3",
"tracking": {
"current_release_date": "2025-10-10T01:33:42+00:00",
"generator": {
"date": "2025-10-10T01:33:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHBA-2019:1076",
"initial_release_date": "2019-05-08T12:47:06+00:00",
"revision_history": [
{
"date": "2019-05-08T12:47:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-05-08T12:47:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-10T01:33:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHV-M 4.3",
"product": {
"name": "RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhev_manager:4.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src",
"product": {
"name": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src",
"product_id": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-api-explorer@0.0.4-1.el7ev?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"product": {
"name": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"product_id": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-api-explorer@0.0.4-1.el7ev?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch as a component of RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch"
},
"product_reference": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHV-S-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src as a component of RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
},
"product_reference": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src",
"relates_to_product_reference": "7Server-RHV-S-4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:47:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1076"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:47:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1076"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:47:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1076"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
}
]
}
RHSA-2023:0556
Vulnerability from csaf_redhat
Published
2023-01-31 13:18
Modified
2025-10-13 04:53
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jquery: Prototype pollution in object's prototype leading to denial of
service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* jquery: Untrusted code execution via <option> tag in HTML passed to DOM
manipulation methods (CVE-2020-11023)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of
Service attacks (CVE-2022-40152)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of
tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* nodejs-moment: Regular expression denial of service (CVE-2017-18214)
* wildfly-elytron: possible timing attacks via use of unsafe comparator (CVE-2022-3143)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of\nservice, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM\nmanipulation methods (CVE-2020-11023)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)\n\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of\nService attacks (CVE-2022-40152)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of\ntooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* nodejs-moment: Regular expression denial of service (CVE-2017-18214)\n\n* wildfly-elytron: possible timing attacks via use of unsafe comparator (CVE-2022-3143)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0556",
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
},
{
"category": "external",
"summary": "JBEAP-24081",
"url": "https://issues.redhat.com/browse/JBEAP-24081"
},
{
"category": "external",
"summary": "JBEAP-24095",
"url": "https://issues.redhat.com/browse/JBEAP-24095"
},
{
"category": "external",
"summary": "JBEAP-24100",
"url": "https://issues.redhat.com/browse/JBEAP-24100"
},
{
"category": "external",
"summary": "JBEAP-24127",
"url": "https://issues.redhat.com/browse/JBEAP-24127"
},
{
"category": "external",
"summary": "JBEAP-24128",
"url": "https://issues.redhat.com/browse/JBEAP-24128"
},
{
"category": "external",
"summary": "JBEAP-24132",
"url": "https://issues.redhat.com/browse/JBEAP-24132"
},
{
"category": "external",
"summary": "JBEAP-24147",
"url": "https://issues.redhat.com/browse/JBEAP-24147"
},
{
"category": "external",
"summary": "JBEAP-24167",
"url": "https://issues.redhat.com/browse/JBEAP-24167"
},
{
"category": "external",
"summary": "JBEAP-24191",
"url": "https://issues.redhat.com/browse/JBEAP-24191"
},
{
"category": "external",
"summary": "JBEAP-24195",
"url": "https://issues.redhat.com/browse/JBEAP-24195"
},
{
"category": "external",
"summary": "JBEAP-24207",
"url": "https://issues.redhat.com/browse/JBEAP-24207"
},
{
"category": "external",
"summary": "JBEAP-24248",
"url": "https://issues.redhat.com/browse/JBEAP-24248"
},
{
"category": "external",
"summary": "JBEAP-24426",
"url": "https://issues.redhat.com/browse/JBEAP-24426"
},
{
"category": "external",
"summary": "JBEAP-24427",
"url": "https://issues.redhat.com/browse/JBEAP-24427"
},
{
"category": "external",
"summary": "JBEAP-23865",
"url": "https://issues.redhat.com/browse/JBEAP-23865"
},
{
"category": "external",
"summary": "JBEAP-23866",
"url": "https://issues.redhat.com/browse/JBEAP-23866"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "JBEAP-24055",
"url": "https://issues.redhat.com/browse/JBEAP-24055"
},
{
"category": "external",
"summary": "JBEAP-23864",
"url": "https://issues.redhat.com/browse/JBEAP-23864"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0556.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update",
"tracking": {
"current_release_date": "2025-10-13T04:53:24+00:00",
"generator": {
"date": "2025-10-13T04:53:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2023:0556",
"initial_release_date": "2023-01-31T13:18:26+00:00",
"revision_history": [
{
"date": "2023-01-31T13:18:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-31T13:18:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-13T04:53:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update",
"product": {
"name": "Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update",
"product_id": "Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2017-18214",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-03-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1553413"
}
],
"notes": [
{
"category": "description",
"text": "The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-moment: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of momentjs as shipped with Red Hat Enterprise Satellite 5. Red Hat Product Security has rated this issue as having security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.\n\nIn Quay 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-18214"
},
{
"category": "external",
"summary": "RHBZ#1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-18214",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18214"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214"
}
],
"release_date": "2017-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-moment: Regular expression denial of service"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14041",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14041"
},
{
"category": "external",
"summary": "RHBZ#1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nStatic code analysis controls ensure that security flaws, including XSS vulnerabilities, are detected early in development by scanning code for improper input handling. This prevents vulnerable code from reaching production and encourages our developers to follow secure coding practices. System monitoring controls play a crucial role in detecting and responding to XSS attacks by analyzing logs, monitoring user behavior, and generating alerts for suspicious activity. Meanwhile, AWS WAF (Web Application Firewall) adds an extra layer of defense by filtering and blocking malicious input before it reaches the platform and/or application. Together, these controls create a defense-in-depth approach, reducing the risk of XSS exploitation by preventing, detecting, and mitigating attacks at multiple levels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2022-3143",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124682"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: possible timing attacks via use of unsafe comparator",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3143"
},
{
"category": "external",
"summary": "RHBZ#2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: possible timing attacks via use of unsafe comparator"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40152"
},
{
"category": "external",
"summary": "RHBZ#2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4",
"url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46363",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155681"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: directory listing / code exfiltration",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46363"
},
{
"category": "external",
"summary": "RHBZ#2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c",
"url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "CXF: directory listing / code exfiltration"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "CXF: SSRF Vulnerability"
}
]
}
rhsa-2023_0556
Vulnerability from csaf_redhat
Published
2023-01-31 13:18
Modified
2025-01-06 16:22
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jquery: Prototype pollution in object's prototype leading to denial of
service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* jquery: Untrusted code execution via <option> tag in HTML passed to DOM
manipulation methods (CVE-2020-11023)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of
Service attacks (CVE-2022-40152)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of
tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* nodejs-moment: Regular expression denial of service (CVE-2017-18214)
* wildfly-elytron: possible timing attacks via use of unsafe comparator (CVE-2022-3143)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of\nservice, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM\nmanipulation methods (CVE-2020-11023)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)\n\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of\nService attacks (CVE-2022-40152)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of\ntooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* nodejs-moment: Regular expression denial of service (CVE-2017-18214)\n\n* wildfly-elytron: possible timing attacks via use of unsafe comparator (CVE-2022-3143)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0556",
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "JBEAP-23864",
"url": "https://issues.redhat.com/browse/JBEAP-23864"
},
{
"category": "external",
"summary": "JBEAP-23865",
"url": "https://issues.redhat.com/browse/JBEAP-23865"
},
{
"category": "external",
"summary": "JBEAP-23866",
"url": "https://issues.redhat.com/browse/JBEAP-23866"
},
{
"category": "external",
"summary": "JBEAP-24055",
"url": "https://issues.redhat.com/browse/JBEAP-24055"
},
{
"category": "external",
"summary": "JBEAP-24081",
"url": "https://issues.redhat.com/browse/JBEAP-24081"
},
{
"category": "external",
"summary": "JBEAP-24095",
"url": "https://issues.redhat.com/browse/JBEAP-24095"
},
{
"category": "external",
"summary": "JBEAP-24100",
"url": "https://issues.redhat.com/browse/JBEAP-24100"
},
{
"category": "external",
"summary": "JBEAP-24127",
"url": "https://issues.redhat.com/browse/JBEAP-24127"
},
{
"category": "external",
"summary": "JBEAP-24128",
"url": "https://issues.redhat.com/browse/JBEAP-24128"
},
{
"category": "external",
"summary": "JBEAP-24132",
"url": "https://issues.redhat.com/browse/JBEAP-24132"
},
{
"category": "external",
"summary": "JBEAP-24147",
"url": "https://issues.redhat.com/browse/JBEAP-24147"
},
{
"category": "external",
"summary": "JBEAP-24167",
"url": "https://issues.redhat.com/browse/JBEAP-24167"
},
{
"category": "external",
"summary": "JBEAP-24191",
"url": "https://issues.redhat.com/browse/JBEAP-24191"
},
{
"category": "external",
"summary": "JBEAP-24195",
"url": "https://issues.redhat.com/browse/JBEAP-24195"
},
{
"category": "external",
"summary": "JBEAP-24207",
"url": "https://issues.redhat.com/browse/JBEAP-24207"
},
{
"category": "external",
"summary": "JBEAP-24248",
"url": "https://issues.redhat.com/browse/JBEAP-24248"
},
{
"category": "external",
"summary": "JBEAP-24426",
"url": "https://issues.redhat.com/browse/JBEAP-24426"
},
{
"category": "external",
"summary": "JBEAP-24427",
"url": "https://issues.redhat.com/browse/JBEAP-24427"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0556.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update",
"tracking": {
"current_release_date": "2025-01-06T16:22:27+00:00",
"generator": {
"date": "2025-01-06T16:22:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.5"
}
},
"id": "RHSA-2023:0556",
"initial_release_date": "2023-01-31T13:18:26+00:00",
"revision_history": [
{
"date": "2023-01-31T13:18:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-31T13:18:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-06T16:22:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 7",
"product_id": "Red Hat JBoss Enterprise Application Platform 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2017-18214",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-03-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1553413"
}
],
"notes": [
{
"category": "description",
"text": "The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-moment: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of momentjs as shipped with Red Hat Enterprise Satellite 5. Red Hat Product Security has rated this issue as having security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-18214"
},
{
"category": "external",
"summary": "RHBZ#1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-18214",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18214"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214"
}
],
"release_date": "2017-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-moment: Regular expression denial of service"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14041",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14041"
},
{
"category": "external",
"summary": "RHBZ#1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2022-3143",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124682"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: possible timing attacks via use of unsafe comparator",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3143"
},
{
"category": "external",
"summary": "RHBZ#2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: possible timing attacks via use of unsafe comparator"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40152"
},
{
"category": "external",
"summary": "RHBZ#2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4",
"url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46363",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155681"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: directory listing / code exfiltration",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46363"
},
{
"category": "external",
"summary": "RHBZ#2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c",
"url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "CXF: directory listing / code exfiltration"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "CXF: SSRF Vulnerability"
}
]
}
rhsa-2023:0552
Vulnerability from csaf_redhat
Published
2023-01-31 13:15
Modified
2025-10-13 04:53
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods (CVE-2020-11023)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* nodejs-moment: Regular expression denial of service (CVE-2017-18214)
* wildfly-elytron: possible timing attacks via use of unsafe comparator (CVE-2022-3143)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods (CVE-2020-11023)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)\n\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* nodejs-moment: Regular expression denial of service (CVE-2017-18214)\n\n* wildfly-elytron: possible timing attacks via use of unsafe comparator (CVE-2022-3143)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0552",
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "JBEAP-23864",
"url": "https://issues.redhat.com/browse/JBEAP-23864"
},
{
"category": "external",
"summary": "JBEAP-23865",
"url": "https://issues.redhat.com/browse/JBEAP-23865"
},
{
"category": "external",
"summary": "JBEAP-23866",
"url": "https://issues.redhat.com/browse/JBEAP-23866"
},
{
"category": "external",
"summary": "JBEAP-23926",
"url": "https://issues.redhat.com/browse/JBEAP-23926"
},
{
"category": "external",
"summary": "JBEAP-24055",
"url": "https://issues.redhat.com/browse/JBEAP-24055"
},
{
"category": "external",
"summary": "JBEAP-24081",
"url": "https://issues.redhat.com/browse/JBEAP-24081"
},
{
"category": "external",
"summary": "JBEAP-24095",
"url": "https://issues.redhat.com/browse/JBEAP-24095"
},
{
"category": "external",
"summary": "JBEAP-24100",
"url": "https://issues.redhat.com/browse/JBEAP-24100"
},
{
"category": "external",
"summary": "JBEAP-24127",
"url": "https://issues.redhat.com/browse/JBEAP-24127"
},
{
"category": "external",
"summary": "JBEAP-24128",
"url": "https://issues.redhat.com/browse/JBEAP-24128"
},
{
"category": "external",
"summary": "JBEAP-24132",
"url": "https://issues.redhat.com/browse/JBEAP-24132"
},
{
"category": "external",
"summary": "JBEAP-24147",
"url": "https://issues.redhat.com/browse/JBEAP-24147"
},
{
"category": "external",
"summary": "JBEAP-24167",
"url": "https://issues.redhat.com/browse/JBEAP-24167"
},
{
"category": "external",
"summary": "JBEAP-24191",
"url": "https://issues.redhat.com/browse/JBEAP-24191"
},
{
"category": "external",
"summary": "JBEAP-24195",
"url": "https://issues.redhat.com/browse/JBEAP-24195"
},
{
"category": "external",
"summary": "JBEAP-24207",
"url": "https://issues.redhat.com/browse/JBEAP-24207"
},
{
"category": "external",
"summary": "JBEAP-24248",
"url": "https://issues.redhat.com/browse/JBEAP-24248"
},
{
"category": "external",
"summary": "JBEAP-24426",
"url": "https://issues.redhat.com/browse/JBEAP-24426"
},
{
"category": "external",
"summary": "JBEAP-24427",
"url": "https://issues.redhat.com/browse/JBEAP-24427"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0552.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update",
"tracking": {
"current_release_date": "2025-10-13T04:53:26+00:00",
"generator": {
"date": "2025-10-13T04:53:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2023:0552",
"initial_release_date": "2023-01-31T13:15:22+00:00",
"revision_history": [
{
"date": "2023-01-31T13:15:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-31T13:15:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-13T04:53:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.9.3-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.12.7-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el7eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.9.3-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria-enterprise@1.0.1-3.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jgroups@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jms@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-engine@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-orm@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-serialization-avro@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.16-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-24.Final_redhat_00023.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-24.Final_redhat_00023.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.9-4.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.9-4.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.9-4.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.9-4.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2017-18214",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-03-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1553413"
}
],
"notes": [
{
"category": "description",
"text": "The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-moment: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of momentjs as shipped with Red Hat Enterprise Satellite 5. Red Hat Product Security has rated this issue as having security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.\n\nIn Quay 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-18214"
},
{
"category": "external",
"summary": "RHBZ#1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-18214",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18214"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214"
}
],
"release_date": "2017-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-moment: Regular expression denial of service"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14041",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14041"
},
{
"category": "external",
"summary": "RHBZ#1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nStatic code analysis controls ensure that security flaws, including XSS vulnerabilities, are detected early in development by scanning code for improper input handling. This prevents vulnerable code from reaching production and encourages our developers to follow secure coding practices. System monitoring controls play a crucial role in detecting and responding to XSS attacks by analyzing logs, monitoring user behavior, and generating alerts for suspicious activity. Meanwhile, AWS WAF (Web Application Firewall) adds an extra layer of defense by filtering and blocking malicious input before it reaches the platform and/or application. Together, these controls create a defense-in-depth approach, reducing the risk of XSS exploitation by preventing, detecting, and mitigating attacks at multiple levels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2022-3143",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124682"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: possible timing attacks via use of unsafe comparator",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3143"
},
{
"category": "external",
"summary": "RHBZ#2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: possible timing attacks via use of unsafe comparator"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40152"
},
{
"category": "external",
"summary": "RHBZ#2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4",
"url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "CXF: SSRF Vulnerability"
}
]
}
RHSA-2019:1456
Vulnerability from csaf_redhat
Published
2019-06-11 15:32
Modified
2025-10-10 02:11
Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.3.2 security update
Notes
Topic
A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.3.2 serves as a replacement for Red Hat Single Sign-On 7.3.1, and includes bug fixes and enhancements, which are documented in the Release Notes document.
Security Fix(es):
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)
* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)
* picketlink: reflected XSS in SAMLRequest via RelayState parameter (CVE-2019-3872)
* picketlink: URL injection via xinclude parameter (CVE-2019-3873)
* keycloak: X.509 authentication: CRL signatures are not verified (CVE-2019-3875)
* undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed (CVE-2019-3888)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* keycloak: Node.js adapter internal NBF can be manipulated (CVE-2019-10157)
* js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.2 serves as a replacement for Red Hat Single Sign-On 7.3.1, and includes bug fixes and enhancements, which are documented in the Release Notes document.\n\nSecurity Fix(es):\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)\n\n* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)\n\n* picketlink: reflected XSS in SAMLRequest via RelayState parameter (CVE-2019-3872)\n\n* picketlink: URL injection via xinclude parameter (CVE-2019-3873)\n\n* keycloak: X.509 authentication: CRL signatures are not verified (CVE-2019-3875)\n\n* undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed (CVE-2019-3888)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* keycloak: Node.js adapter internal NBF can be manipulated (CVE-2019-10157)\n\n* js-jquery: prototype pollution in object\u0027s prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:1456",
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso\u0026downloadType=securityPatches\u0026version=7.3",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso\u0026downloadType=securityPatches\u0026version=7.3"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/"
},
{
"category": "external",
"summary": "1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1688966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1688966"
},
{
"category": "external",
"summary": "1689014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1689014"
},
{
"category": "external",
"summary": "1690628",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690628"
},
{
"category": "external",
"summary": "1693777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1693777"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1702953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1702953"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_1456.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.3.2 security update",
"tracking": {
"current_release_date": "2025-10-10T02:11:39+00:00",
"generator": {
"date": "2025-10-10T02:11:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2019:1456",
"initial_release_date": "2019-06-11T15:32:12+00:00",
"revision_history": [
{
"date": "2019-06-11T15:32:12+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-06-11T15:32:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-10T02:11:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Single Sign-On 7.3.2 zip",
"product": {
"name": "Red Hat Single Sign-On 7.3.2 zip",
"product_id": "Red Hat Single Sign-On 7.3.2 zip",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_single_sign_on:7.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Single Sign-On"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-14041",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14041"
},
{
"category": "external",
"summary": "RHBZ#1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-3872",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1688966"
}
],
"notes": [
{
"category": "description",
"text": "It was found that a SAMLRequest containing a script could be processed by Picketlink versions shipped in Jboss Application Platform 7.2.x and 7.1.x. An attacker could use this to send a malicious script to achieve cross-site scripting and obtain unauthorized information or conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "picketlink: reflected XSS in SAMLRequest via RelayState parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3872"
},
{
"category": "external",
"summary": "RHBZ#1688966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1688966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3872",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3872"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3872",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3872"
}
],
"release_date": "2019-06-10T15:16:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "picketlink: reflected XSS in SAMLRequest via RelayState parameter"
},
{
"cve": "CVE-2019-3873",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1689014"
}
],
"notes": [
{
"category": "description",
"text": "It was found that Picketlink as shipped with Jboss Enterprise Application Platform 7.2 would accept an xinclude parameter in SAMLresponse XML. An attacker could use this flaw to send a URL to achieve cross-site scripting or possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "picketlink: URL injection via xinclude parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3873"
},
{
"category": "external",
"summary": "RHBZ#1689014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1689014"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3873",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3873"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3873",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3873"
}
],
"release_date": "2019-06-10T15:16:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "picketlink: URL injection via xinclude parameter"
},
{
"acknowledgments": [
{
"names": [
"Marek Posolda"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-3875",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2019-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1690628"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in keycloak before 6.0.2. The X.509 authenticator supports the verification of client certificates through the CRL, where the CRL list can be obtained from the URL provided in the certificate itself (CDP) or through the separately configured path. The CRL are often available over the network through unsecured protocols (\u0027http\u0027 or \u0027ldap\u0027) and hence the caller should verify the signature and possibly the certification path. Keycloak currently doesn\u0027t validate signatures on CRL, which can result in a possibility of various attacks like man-in-the-middle.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: missing signatures validation on CRL used to verify client certificates",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3875"
},
{
"category": "external",
"summary": "RHBZ#1690628",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690628"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3875",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3875"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3875",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3875"
}
],
"release_date": "2019-06-11T14:22:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: missing signatures validation on CRL used to verify client certificates"
},
{
"acknowledgments": [
{
"names": [
"Carter Kozak"
]
}
],
"cve": "CVE-2019-3888",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"discovery_date": "2019-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1693777"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUEST_LOGGER.undertowRequestFailed(t, exchange)",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3888"
},
{
"category": "external",
"summary": "RHBZ#1693777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1693777"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3888",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3888"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3888",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3888"
}
],
"release_date": "2019-06-10T15:13:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-10157",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"discovery_date": "2019-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1702953"
}
],
"notes": [
{
"category": "description",
"text": "It was found that Keycloak\u0027s Node.js adapter did not properly verify the web token received from the server in its backchannel logout. An attacker with local access could use this to construct a malicious web token setting an NBF parameter that could prevent user access indefinitely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Node.js adapter internal NBF can be manipulated leading to DoS.",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10157"
},
{
"category": "external",
"summary": "RHBZ#1702953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1702953"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10157",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10157"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10157",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10157"
}
],
"release_date": "2019-06-11T14:23:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "keycloak: Node.js adapter internal NBF can be manipulated leading to DoS."
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
}
]
}
RHSA-2019:3023
Vulnerability from csaf_redhat
Published
2019-10-10 15:38
Modified
2025-10-10 01:34
Summary
Red Hat Security Advisory: ovirt-engine-ui-extensions security and bug fix update
Notes
Topic
An update for ovirt-engine-ui-extensions is now available for Red Hat Virtualization Engine 4.3.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The ovirt-engine-ui-extensions package contains UI plugins that provide various extensions to the oVirt administration UI.
Security Fix(es):
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Known moderate severity security vulnerability detected by GitHub on ovirt-engine-ui-extensions components (BZ#1694035)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ovirt-engine-ui-extensions is now available for Red Hat Virtualization Engine 4.3.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The ovirt-engine-ui-extensions package contains UI plugins that provide various extensions to the oVirt administration UI.\n\nSecurity Fix(es):\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* js-jquery: prototype pollution in object\u0027s prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Known moderate severity security vulnerability detected by GitHub on ovirt-engine-ui-extensions components (BZ#1694035)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:3023",
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1752576",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1752576"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3023.json"
}
],
"title": "Red Hat Security Advisory: ovirt-engine-ui-extensions security and bug fix update",
"tracking": {
"current_release_date": "2025-10-10T01:34:05+00:00",
"generator": {
"date": "2025-10-10T01:34:05+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2019:3023",
"initial_release_date": "2019-10-10T15:38:32+00:00",
"revision_history": [
{
"date": "2019-10-10T15:38:32+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-10-10T15:38:32+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-10T01:34:05+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHV-M 4.3",
"product": {
"name": "RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhev_manager:4.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"product": {
"name": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"product_id": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.0.10-1.el7ev?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src",
"product": {
"name": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src",
"product_id": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-ui-extensions@1.0.10-1.el7ev?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch as a component of RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch"
},
"product_reference": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHV-S-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src as a component of RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
},
"product_reference": "ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src",
"relates_to_product_reference": "7Server-RHV-S-4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-10T15:38:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-10T15:38:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-10T15:38:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-10T15:38:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-10T15:38:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-ui-extensions-0:1.0.10-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
}
]
}
RHSA-2020:3936
Vulnerability from csaf_redhat
Published
2020-09-29 21:12
Modified
2025-10-13 04:53
Summary
Red Hat Security Advisory: ipa security, bug fix, and enhancement update
Notes
Topic
An update for ipa is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.
The following packages have been upgraded to a later upstream version: ipa (4.6.8). (BZ#1819725)
Security Fix(es):
* js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip. (CVE-2018-14042)
* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* ipa: No password length restriction leads to denial of service (CVE-2020-1722)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ipa is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.\n\nThe following packages have been upgraded to a later upstream version: ipa (4.6.8). (BZ#1819725)\n\nSecurity Fix(es):\n\n* js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip. (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* js-jquery: prototype pollution in object\u0027s prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* ipa: No password length restriction leads to denial of service (CVE-2020-1722)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3936",
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1404770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404770"
},
{
"category": "external",
"summary": "1545755",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1545755"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1754902",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1754902"
},
{
"category": "external",
"summary": "1755535",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755535"
},
{
"category": "external",
"summary": "1756568",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1756568"
},
{
"category": "external",
"summary": "1758406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758406"
},
{
"category": "external",
"summary": "1769791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1769791"
},
{
"category": "external",
"summary": "1771356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771356"
},
{
"category": "external",
"summary": "1780548",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1780548"
},
{
"category": "external",
"summary": "1782587",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782587"
},
{
"category": "external",
"summary": "1788718",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788718"
},
{
"category": "external",
"summary": "1788907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788907"
},
{
"category": "external",
"summary": "1793071",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793071"
},
{
"category": "external",
"summary": "1795890",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1795890"
},
{
"category": "external",
"summary": "1801791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801791"
},
{
"category": "external",
"summary": "1817886",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817886"
},
{
"category": "external",
"summary": "1817918",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817918"
},
{
"category": "external",
"summary": "1817919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817919"
},
{
"category": "external",
"summary": "1817922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817922"
},
{
"category": "external",
"summary": "1817923",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817923"
},
{
"category": "external",
"summary": "1817927",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817927"
},
{
"category": "external",
"summary": "1819725",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819725"
},
{
"category": "external",
"summary": "1825829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825829"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1829787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1829787"
},
{
"category": "external",
"summary": "1834385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834385"
},
{
"category": "external",
"summary": "1842950",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1842950"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3936.json"
}
],
"title": "Red Hat Security Advisory: ipa security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2025-10-13T04:53:19+00:00",
"generator": {
"date": "2025-10-13T04:53:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2020:3936",
"initial_release_date": "2020-09-29T21:12:26+00:00",
"revision_history": [
{
"date": "2020-09-29T21:12:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-09-29T21:12:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-13T04:53:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "ipa-0:4.6.8-5.el7.src",
"product": {
"name": "ipa-0:4.6.8-5.el7.src",
"product_id": "ipa-0:4.6.8-5.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa@4.6.8-5.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ipa-client-0:4.6.8-5.el7.x86_64",
"product": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64",
"product_id": "ipa-client-0:4.6.8-5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.6.8-5.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"product": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"product_id": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.6.8-5.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-server-0:4.6.8-5.el7.x86_64",
"product": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64",
"product_id": "ipa-server-0:4.6.8-5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server@4.6.8-5.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"product": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"product_id": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad@4.6.8-5.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ipa-client-common-0:4.6.8-5.el7.noarch",
"product": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch",
"product_id": "ipa-client-common-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-common@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-common-0:4.6.8-5.el7.noarch",
"product": {
"name": "ipa-common-0:4.6.8-5.el7.noarch",
"product_id": "ipa-common-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-common@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"product": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"product_id": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-python-compat@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"product": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"product_id": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python2-ipaclient@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python2-ipalib-0:4.6.8-5.el7.noarch",
"product": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch",
"product_id": "python2-ipalib-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python2-ipalib@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-server-common-0:4.6.8-5.el7.noarch",
"product": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch",
"product_id": "ipa-server-common-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-common@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"product": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"product_id": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-dns@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"product": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"product_id": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python2-ipaserver@4.6.8-5.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "ipa-client-0:4.6.8-5.el7.s390x",
"product": {
"name": "ipa-client-0:4.6.8-5.el7.s390x",
"product_id": "ipa-client-0:4.6.8-5.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.6.8-5.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"product": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"product_id": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.6.8-5.el7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ipa-client-0:4.6.8-5.el7.ppc64",
"product": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64",
"product_id": "ipa-client-0:4.6.8-5.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.6.8-5.el7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"product": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"product_id": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.6.8-5.el7?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "ipa-client-0:4.6.8-5.el7.ppc64le",
"product": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le",
"product_id": "ipa-client-0:4.6.8-5.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.6.8-5.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"product": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"product_id": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.6.8-5.el7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.6.8-5.el7.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-0:4.6.8-5.el7.src"
},
"product_reference": "ipa-0:4.6.8-5.el7.src",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-client-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipalib-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.6.8-5.el7.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-0:4.6.8-5.el7.src"
},
"product_reference": "ipa-0:4.6.8-5.el7.src",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-client-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipalib-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.6.8-5.el7.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src"
},
"product_reference": "ipa-0:4.6.8-5.el7.src",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-client-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipalib-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.6.8-5.el7.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src"
},
"product_reference": "ipa-0:4.6.8-5.el7.src",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-client-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipalib-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.6.8-5.el7.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-0:4.6.8-5.el7.src"
},
"product_reference": "ipa-0:4.6.8-5.el7.src",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-client-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipalib-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.6.8-5.el7.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-0:4.6.8-5.el7.src"
},
"product_reference": "ipa-0:4.6.8-5.el7.src",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-client-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipalib-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"acknowledgments": [
{
"names": [
"Pritam Singh"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-1722",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1793071"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in IPA. When sending a very long password (\u003e= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading to a denial of service and the website becoming unresponsive. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ipa: No password length restriction leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1722"
},
{
"category": "external",
"summary": "RHBZ#1793071",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793071"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1722",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1722"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1722",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1722"
}
],
"release_date": "2020-04-14T04:26:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "ipa: No password length restriction leads to denial of service"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
}
]
}
rhsa-2020_0133
Vulnerability from csaf_redhat
Published
2020-01-16 16:02
Modified
2024-11-22 14:18
Summary
Red Hat Security Advisory: Red Hat Decision Manager 7.6.0 Security Update
Notes
Topic
An update is now available for Red Hat Decision Manager.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation (DMN) execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business.
This release of Red Hat Decision Manager 7.6.0 serves as an update to Red Hat Decision Manager 7.5.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* Business-central: Encrypted password shown under Object id 7 of errai_security_context (CVE-2019-14886)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Decision Manager.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model \u0026 Notation (DMN) execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. \n\nThis release of Red Hat Decision Manager 7.6.0 serves as an update to Red Hat Decision Manager 7.5.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* Business-central: Encrypted password shown under Object id 7 of errai_security_context (CVE-2019-14886)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:0133",
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=rhdm\u0026version=7.6.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=rhdm\u0026version=7.6.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_decision_manager/7.6/html/release_notes_for_red_hat_decision_manager_7.6/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_decision_manager/7.6/html/release_notes_for_red_hat_decision_manager_7.6/index"
},
{
"category": "external",
"summary": "1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1771354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771354"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0133.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Decision Manager 7.6.0 Security Update",
"tracking": {
"current_release_date": "2024-11-22T14:18:12+00:00",
"generator": {
"date": "2024-11-22T14:18:12+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2020:0133",
"initial_release_date": "2020-01-16T16:02:45+00:00",
"revision_history": [
{
"date": "2020-01-16T16:02:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-01-16T16:02:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T14:18:12+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Decision Manager 7",
"product": {
"name": "Red Hat Decision Manager 7",
"product_id": "Red Hat Decision Manager 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:7.6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Decision Manager"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Decision Manager 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-16T16:02:45+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Decision Manager 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Decision Manager 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Decision Manager 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-16T16:02:45+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Decision Manager 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Decision Manager 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Decision Manager 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-16T16:02:45+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Decision Manager 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Decision Manager 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-14886",
"cwe": {
"id": "CWE-312",
"name": "Cleartext Storage of Sensitive Information"
},
"discovery_date": "2019-11-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1771354"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in business-central where encoded passwords are stored in errai_security_context. The encoding used for storing the passwords is Base64, not an encryption algorithm, and any recovery of these passwords could lead to user passwords being exposed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Business-central: Encrypted password shown under Object id 7 of errai_security_context",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Decision Manager 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14886"
},
{
"category": "external",
"summary": "RHBZ#1771354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771354"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14886",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14886"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14886",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14886"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/?utm_medium=email\u0026utm_source=footer#!msg/jbpm-usage/74pSuwfGKRU/0oXpmRScBQAJ",
"url": "https://groups.google.com/forum/?utm_medium=email\u0026utm_source=footer#!msg/jbpm-usage/74pSuwfGKRU/0oXpmRScBQAJ"
}
],
"release_date": "2019-09-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-16T16:02:45+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Decision Manager 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Decision Manager 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Business-central: Encrypted password shown under Object id 7 of errai_security_context"
}
]
}
RHSA-2020:4847
Vulnerability from csaf_redhat
Published
2020-11-04 01:39
Modified
2025-10-13 04:53
Summary
Red Hat Security Advisory: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
Notes
Topic
An update for the pki-core:10.6 and pki-deps:10.6 modules is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.
Security Fix(es):
* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)
* pki: Dogtag's python client does not validate certificates (CVE-2020-15720)
* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)
* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)
* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)
* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the pki-core:10.6 and pki-deps:10.6 modules is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.\n\nSecurity Fix(es):\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* jquery: Passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\n* pki: Dogtag\u0027s python client does not validate certificates (CVE-2020-15720)\n\n* pki-core: Reflected XSS in \u0027path length\u0027 constraint field in CA\u0027s Agent page (CVE-2019-10146)\n\n* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA\u0027s DRM agent page in authorize recovery tab (CVE-2019-10179)\n\n* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)\n\n* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:4847",
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/"
},
{
"category": "external",
"summary": "1376706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1376706"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1406505",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406505"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1666907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666907"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1695901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695901"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1706521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1706521"
},
{
"category": "external",
"summary": "1710171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710171"
},
{
"category": "external",
"summary": "1721684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1721684"
},
{
"category": "external",
"summary": "1724433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1724433"
},
{
"category": "external",
"summary": "1732565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732565"
},
{
"category": "external",
"summary": "1732981",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732981"
},
{
"category": "external",
"summary": "1777579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1777579"
},
{
"category": "external",
"summary": "1805541",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805541"
},
{
"category": "external",
"summary": "1817247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817247"
},
{
"category": "external",
"summary": "1821851",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821851"
},
{
"category": "external",
"summary": "1822246",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1822246"
},
{
"category": "external",
"summary": "1824939",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824939"
},
{
"category": "external",
"summary": "1824948",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824948"
},
{
"category": "external",
"summary": "1825998",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825998"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1842734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1842734"
},
{
"category": "external",
"summary": "1842736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1842736"
},
{
"category": "external",
"summary": "1843537",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843537"
},
{
"category": "external",
"summary": "1845447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845447"
},
{
"category": "external",
"summary": "1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "1854043",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854043"
},
{
"category": "external",
"summary": "1854959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854959"
},
{
"category": "external",
"summary": "1855273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1855273"
},
{
"category": "external",
"summary": "1855319",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1855319"
},
{
"category": "external",
"summary": "1856368",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856368"
},
{
"category": "external",
"summary": "1857933",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857933"
},
{
"category": "external",
"summary": "1861911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861911"
},
{
"category": "external",
"summary": "1869893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869893"
},
{
"category": "external",
"summary": "1871064",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1871064"
},
{
"category": "external",
"summary": "1873235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1873235"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4847.json"
}
],
"title": "Red Hat Security Advisory: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2025-10-13T04:53:20+00:00",
"generator": {
"date": "2025-10-13T04:53:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2020:4847",
"initial_release_date": "2020-11-04T01:39:43+00:00",
"revision_history": [
{
"date": "2020-11-04T01:39:43+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-11-04T01:39:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-13T04:53:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-collections@3.2.2-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-lang@2.6-21.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"product": {
"name": "apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm (pki-deps:10.6)",
"product_id": "apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-net@3.6-3.module%2Bel8.3.0%2B6805%2B72837426?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bea-stax-api@1.2.0-16.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-fastinfoset@1.2.13-9.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb-api@2.2.12-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb-core@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb-runtime@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb-txw2@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"product": {
"name": "jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm (pki-deps:10.6)",
"product_id": "jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-annotations@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"product": {
"name": "jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm (pki-deps:10.6)",
"product_id": "jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-core@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"product": {
"name": "jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm (pki-deps:10.6)",
"product_id": "jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-databind@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"product": {
"name": "jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm (pki-deps:10.6)",
"product_id": "jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-jaxrs-json-provider@2.9.9-1.module%2Bel8.1.0%2B3832%2B9784644d?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"product": {
"name": "jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm (pki-deps:10.6)",
"product_id": "jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-jaxrs-providers@2.9.9-1.module%2Bel8.1.0%2B3832%2B9784644d?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-module-jaxb-annotations@2.7.6-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jakarta-commons-httpclient@3.1-28.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026epoch=1\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/javassist@3.18.1-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/javassist-javadoc@3.18.1-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"product": {
"name": "pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm (pki-deps:10.6)",
"product_id": "pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-servlet-4.0-api@9.0.30-1.module%2Bel8.3.0%2B6730%2B8f9c6254?arch=noarch\u0026epoch=1\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"product": {
"name": "pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm (pki-deps:10.6)",
"product_id": "pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-servlet-engine@9.0.30-1.module%2Bel8.3.0%2B6730%2B8f9c6254?arch=noarch\u0026epoch=1\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/relaxngDatatype@2011.1-7.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"product": {
"name": "resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm (pki-deps:10.6)",
"product_id": "resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/resteasy@3.0.26-3.module%2Bel8.2.0%2B5723%2B4574fbff?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slf4j@1.7.25-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slf4j-jdk14@1.7.25-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"product": {
"name": "stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm (pki-deps:10.6)",
"product_id": "stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stax-ex@1.7.7-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/velocity@1.7-24.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xalan-j2@2.7.1-38.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xerces-j2@2.11.0-34.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xml-commons-apis@1.4.01-25.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xml-commons-resolver@1.2-26.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"product": {
"name": "xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm (pki-deps:10.6)",
"product_id": "xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xmlstreambuffer@1.5.4-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product": {
"name": "xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6)",
"product_id": "xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xsom@0-19.20110809svn.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"product": {
"name": "ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm (pki-core:10.6)",
"product_id": "ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ldapjdk@4.22.0-1.module%2Bel8.3.0%2B6784%2B6e1e4c62?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"product": {
"name": "ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm (pki-core:10.6)",
"product_id": "ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ldapjdk-javadoc@4.22.0-1.module%2Bel8.3.0%2B6784%2B6e1e4c62?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"product": {
"name": "pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm (pki-core:10.6)",
"product_id": "pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-base@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"product": {
"name": "pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm (pki-core:10.6)",
"product_id": "pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-base-java@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"product": {
"name": "pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm (pki-core:10.6)",
"product_id": "pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-ca@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"product": {
"name": "pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm (pki-core:10.6)",
"product_id": "pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-kra@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"product": {
"name": "pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm (pki-core:10.6)",
"product_id": "pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-server@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"product": {
"name": "python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm (pki-core:10.6)",
"product_id": "python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pki@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"product": {
"name": "tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm (pki-core:10.6)",
"product_id": "tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcatjss@7.5.0-1.module%2Bel8.3.0%2B7355%2Bc59bcbd9?arch=noarch\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-collections@3.2.2-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-lang@2.6-21.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"product": {
"name": "apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm (pki-deps:10.6)",
"product_id": "apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-net@3.6-3.module%2Bel8.3.0%2B6805%2B72837426?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bea-stax@1.2.0-16.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-fastinfoset@1.2.13-9.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb-api@2.2.12-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"product": {
"name": "jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm (pki-deps:10.6)",
"product_id": "jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-annotations@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"product": {
"name": "jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm (pki-deps:10.6)",
"product_id": "jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-core@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"product": {
"name": "jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm (pki-deps:10.6)",
"product_id": "jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-databind@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"product": {
"name": "jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm (pki-deps:10.6)",
"product_id": "jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-jaxrs-providers@2.9.9-1.module%2Bel8.1.0%2B3832%2B9784644d?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-module-jaxb-annotations@2.7.6-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jakarta-commons-httpclient@3.1-28.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026epoch=1\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/javassist@3.18.1-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"product": {
"name": "pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm (pki-deps:10.6)",
"product_id": "pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-servlet-engine@9.0.30-1.module%2Bel8.3.0%2B6730%2B8f9c6254?arch=src\u0026epoch=1\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/relaxngDatatype@2011.1-7.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"product": {
"name": "resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm (pki-deps:10.6)",
"product_id": "resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/resteasy@3.0.26-3.module%2Bel8.2.0%2B5723%2B4574fbff?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slf4j@1.7.25-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"product": {
"name": "stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm (pki-deps:10.6)",
"product_id": "stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stax-ex@1.7.7-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/velocity@1.7-24.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xalan-j2@2.7.1-38.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xerces-j2@2.11.0-34.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xml-commons-apis@1.4.01-25.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xml-commons-resolver@1.2-26.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"product": {
"name": "xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm (pki-deps:10.6)",
"product_id": "xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xmlstreambuffer@1.5.4-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product": {
"name": "xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6)",
"product_id": "xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xsom@0-19.20110809svn.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"product": {
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm (pki-core:10.6)",
"product_id": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=src\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"product": {
"name": "ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm (pki-core:10.6)",
"product_id": "ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ldapjdk@4.22.0-1.module%2Bel8.3.0%2B6784%2B6e1e4c62?arch=src\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"product": {
"name": "pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm (pki-core:10.6)",
"product_id": "pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=src\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"product": {
"name": "tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm (pki-core:10.6)",
"product_id": "tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcatjss@7.5.0-1.module%2Bel8.3.0%2B7355%2Bc59bcbd9?arch=src\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"product": {
"name": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm (pki-deps:10.6)",
"product_id": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"product": {
"name": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm (pki-deps:10.6)",
"product_id": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"product": {
"name": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm (pki-deps:10.6)",
"product_id": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"product": {
"name": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm (pki-deps:10.6)",
"product_id": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product": {
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6)",
"product_id": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product": {
"name": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6)",
"product_id": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product": {
"name": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6)",
"product_id": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product": {
"name": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6)",
"product_id": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product": {
"name": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6)",
"product_id": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product": {
"name": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6)",
"product_id": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product": {
"name": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6)",
"product_id": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product": {
"name": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6)",
"product_id": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product": {
"name": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6)",
"product_id": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product": {
"name": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6)",
"product_id": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"product": {
"name": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm (pki-deps:10.6)",
"product_id": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"product": {
"name": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm (pki-deps:10.6)",
"product_id": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"product": {
"name": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm (pki-deps:10.6)",
"product_id": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"product": {
"name": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm (pki-deps:10.6)",
"product_id": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product": {
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6)",
"product_id": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product": {
"name": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6)",
"product_id": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product": {
"name": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6)",
"product_id": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product": {
"name": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6)",
"product_id": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product": {
"name": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6)",
"product_id": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product": {
"name": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6)",
"product_id": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product": {
"name": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6)",
"product_id": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product": {
"name": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6)",
"product_id": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product": {
"name": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6)",
"product_id": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product": {
"name": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6)",
"product_id": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"product": {
"name": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm (pki-deps:10.6)",
"product_id": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"product": {
"name": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm (pki-deps:10.6)",
"product_id": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"product": {
"name": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm (pki-deps:10.6)",
"product_id": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"product": {
"name": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm (pki-deps:10.6)",
"product_id": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product": {
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6)",
"product_id": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product": {
"name": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6)",
"product_id": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product": {
"name": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6)",
"product_id": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product": {
"name": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6)",
"product_id": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product": {
"name": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6)",
"product_id": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product": {
"name": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6)",
"product_id": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product": {
"name": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6)",
"product_id": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product": {
"name": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6)",
"product_id": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product": {
"name": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6)",
"product_id": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product": {
"name": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6)",
"product_id": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"product": {
"name": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm (pki-deps:10.6)",
"product_id": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"product": {
"name": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm (pki-deps:10.6)",
"product_id": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"product": {
"name": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm (pki-deps:10.6)",
"product_id": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"product": {
"name": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm (pki-deps:10.6)",
"product_id": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64\u0026rpmmod=pki-deps:10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product": {
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6)",
"product_id": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product": {
"name": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6)",
"product_id": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product": {
"name": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6)",
"product_id": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product": {
"name": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6)",
"product_id": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product": {
"name": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6)",
"product_id": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product": {
"name": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6)",
"product_id": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product": {
"name": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6)",
"product_id": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product": {
"name": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6)",
"product_id": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product": {
"name": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6)",
"product_id": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product": {
"name": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6)",
"product_id": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64\u0026rpmmod=pki-core:10.6:8030020200911215836:5ff1562f"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6"
},
"product_reference": "apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6"
},
"product_reference": "apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6"
},
"product_reference": "jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6"
},
"product_reference": "jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6"
},
"product_reference": "jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6"
},
"product_reference": "jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6"
},
"product_reference": "jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6"
},
"product_reference": "jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6"
},
"product_reference": "jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6"
},
"product_reference": "jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6"
},
"product_reference": "jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6"
},
"product_reference": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6"
},
"product_reference": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6"
},
"product_reference": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6"
},
"product_reference": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6"
},
"product_reference": "jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6"
},
"product_reference": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6"
},
"product_reference": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6"
},
"product_reference": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6"
},
"product_reference": "jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6"
},
"product_reference": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6"
},
"product_reference": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6"
},
"product_reference": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6"
},
"product_reference": "jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6"
},
"product_reference": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6"
},
"product_reference": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6"
},
"product_reference": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6"
},
"product_reference": "jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6"
},
"product_reference": "ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6"
},
"product_reference": "ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6"
},
"product_reference": "ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6"
},
"product_reference": "pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6"
},
"product_reference": "pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6"
},
"product_reference": "pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6"
},
"product_reference": "pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6"
},
"product_reference": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6"
},
"product_reference": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6"
},
"product_reference": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6"
},
"product_reference": "pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6"
},
"product_reference": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6"
},
"product_reference": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6"
},
"product_reference": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6"
},
"product_reference": "pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6"
},
"product_reference": "pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6"
},
"product_reference": "pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6"
},
"product_reference": "pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6"
},
"product_reference": "pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6"
},
"product_reference": "pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6"
},
"product_reference": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6"
},
"product_reference": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6"
},
"product_reference": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6"
},
"product_reference": "pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6"
},
"product_reference": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6"
},
"product_reference": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6"
},
"product_reference": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6"
},
"product_reference": "pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6"
},
"product_reference": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6"
},
"product_reference": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6"
},
"product_reference": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6"
},
"product_reference": "pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6"
},
"product_reference": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6"
},
"product_reference": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6"
},
"product_reference": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6"
},
"product_reference": "pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6"
},
"product_reference": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6"
},
"product_reference": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6"
},
"product_reference": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6"
},
"product_reference": "python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6"
},
"product_reference": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6"
},
"product_reference": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6"
},
"product_reference": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6"
},
"product_reference": "python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6"
},
"product_reference": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6"
},
"product_reference": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6"
},
"product_reference": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6"
},
"product_reference": "python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6"
},
"product_reference": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6"
},
"product_reference": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6"
},
"product_reference": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6"
},
"product_reference": "python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6"
},
"product_reference": "python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6"
},
"product_reference": "resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6"
},
"product_reference": "resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6"
},
"product_reference": "stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6"
},
"product_reference": "stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6"
},
"product_reference": "tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm (pki-core:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6"
},
"product_reference": "tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6"
},
"product_reference": "xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6"
},
"product_reference": "xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6"
},
"product_reference": "xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm (pki-deps:10.6) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
},
"product_reference": "xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"acknowledgments": [
{
"names": [
"Pritam Singh"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-10146",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1710171"
}
],
"notes": [
{
"category": "description",
"text": "A Reflected Cross Site Scripting flaw was found in the pki-ca module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim\u0027s browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki-core: Reflected XSS in \u0027path length\u0027 constraint field in CA\u0027s Agent page",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is considered Low, because it requires the attacker to first request or predict a valid nonce. Without a valid nonce, no arbitrary HTML will be sent back to the victim\u0027s browser.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10146"
},
{
"category": "external",
"summary": "RHBZ#1710171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10146",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10146"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10146",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10146"
}
],
"release_date": "2020-02-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pki-core: Reflected XSS in \u0027path length\u0027 constraint field in CA\u0027s Agent page"
},
{
"acknowledgments": [
{
"names": [
"Pritam Singh"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-10179",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-04-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1695901"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA\u0027s DRM agent page in authorize recovery tab",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10179"
},
{
"category": "external",
"summary": "RHBZ#1695901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695901"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10179",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10179"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10179",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10179"
}
],
"release_date": "2020-02-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA\u0027s DRM agent page in authorize recovery tab"
},
{
"acknowledgments": [
{
"names": [
"Pritam Singh"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-10221",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-07-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1732565"
}
],
"notes": [
{
"category": "description",
"text": "A Reflected Cross Site Scripting vulnerability was found in the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki-core: Reflected XSS in getcookies?url= endpoint in CA",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10221"
},
{
"category": "external",
"summary": "RHBZ#1732565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732565"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10221",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10221"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10221",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10221"
}
],
"release_date": "2020-02-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pki-core: Reflected XSS in getcookies?url= endpoint in CA"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"acknowledgments": [
{
"names": [
"Pritam Singh"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-1721",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-11-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1777579"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Key Recovery Authority (KRA) Agent Service where it did not properly sanitize the recovery ID during a key recovery request, enabling a Reflected Cross-Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki-core: KRA vulnerable to reflected XSS via the getPk12 page",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1721"
},
{
"category": "external",
"summary": "RHBZ#1777579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1777579"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1721",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1721"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1721",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1721"
}
],
"release_date": "2020-02-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pki-core: KRA vulnerable to reflected XSS via the getPk12 page"
},
{
"acknowledgments": [
{
"names": [
"@ZeddYu"
],
"organization": "Apache Tomcat Security Team"
}
],
"cve": "CVE-2020-1935",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-12-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1806835"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Tomcat. The HTTP header parsing code used an approach to end-of-line (EOL) parsing that allowed some invalid HTTP headers to be parsed as valid. This led to the possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. The highest threat with this vulnerability is system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenDaylight in Red Hat OpenStack 10 \u0026 13 was in technical preview status, because of this no fixes will be released for it.\n\nIn Red Hat Satellite 6, Candlepin is using Tomcat to provide a REST API, and has been found to be vulnerable to the flaw. However, it is currently believed that no useful attacks can be carried over.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1935"
},
{
"category": "external",
"summary": "RHBZ#1806835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806835"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1935",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1935"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1935",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1935"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31",
"url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31"
}
],
"release_date": "2020-02-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
},
{
"category": "workaround",
"details": "Workaround for Red Hat Satellite 6 is to add iptables rule to deny TCP requests of Tomcat that are not originating from the Satellite.\n\nFor other Red Hat products, either mitigation isn\u0027t available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling"
},
{
"cve": "CVE-2020-1938",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2020-02-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1806398"
}
],
"notes": [
{
"category": "description",
"text": "CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251 and CVE page https://access.redhat.com/security/cve/cve-2020-1745",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1938"
},
{
"category": "external",
"summary": "RHBZ#1806398",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806398"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1938",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1938"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938"
},
{
"category": "external",
"summary": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/",
"url": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31",
"url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31"
},
{
"category": "external",
"summary": "https://www.cnvd.org.cn/webinfo/show/5415",
"url": "https://www.cnvd.org.cn/webinfo/show/5415"
},
{
"category": "external",
"summary": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487",
"url": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
},
{
"category": "workaround",
"details": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-03T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nStatic code analysis controls ensure that security flaws, including XSS vulnerabilities, are detected early in development by scanning code for improper input handling. This prevents vulnerable code from reaching production and encourages our developers to follow secure coding practices. System monitoring controls play a crucial role in detecting and responding to XSS attacks by analyzing logs, monitoring user behavior, and generating alerts for suspicious activity. Meanwhile, AWS WAF (Web Application Firewall) adds an extra layer of defense by filtering and blocking malicious input before it reaches the platform and/or application. Together, these controls create a defense-in-depth approach, reducing the risk of XSS exploitation by preventing, detecting, and mitigating attacks at multiple levels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"acknowledgments": [
{
"names": [
"Christian Heimes"
]
}
],
"cve": "CVE-2020-15720",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1855273"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in PKI, where the dogtag\u0027s pki.client.PKIConnection class disables the python-requests certificate validation. This flaw allows an attacker to intercept a connection between a FreeIPA client and a server, and execute an active Man-in-the-Middle attack. The highest threat from this vulnerability is to confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki: Dogtag\u0027s python client does not validate certificates",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In PKI, the pki.client.PKIConnection python class is used by the `pki-server` and `pkispawn` commands. `pki-server` runs locally on the server, thus not subject to a Person in the Middle attack. `pkispawn` may access remote node in decentralized or cloned contexts.\n\nIdentity Management (IPA) command line interface (the vault related sub-commands) may call pki.client.PKIConnection().",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15720"
},
{
"category": "external",
"summary": "RHBZ#1855273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1855273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15720",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15720"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15720",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15720"
}
],
"release_date": "2020-06-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "pki: Dogtag\u0027s python client does not validate certificates"
},
{
"cve": "CVE-2020-25715",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-10-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1891016"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in pki-core. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting (XSS) attack to inject code into the search query form which can get automatically executed. The highest threat from this vulnerability is to data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki-core: XSS in the certificate search results",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 8.3 (pki-core 10.9.4) contains mitigations that prevents the vulnerability to be exploited. Red Hat Enterprise Linux version 8 prior to 8.3 are vulnerable to this version",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25715"
},
{
"category": "external",
"summary": "RHBZ#1891016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891016"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25715",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25715"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25715",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25715"
}
],
"release_date": "2021-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
},
{
"category": "workaround",
"details": "Because the cross-site scripting (XSS) attack requires the victim to have their RHCS certificate installed in their web browser to be successful, it is recommended that web browser not hold the keys and that the user use the command line interface (CLI) instead.",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "pki-core: XSS in the certificate search results"
},
{
"cve": "CVE-2022-25762",
"cwe": {
"id": "CWE-226",
"name": "Sensitive Information in Resource Not Removed Before Reuse"
},
"discovery_date": "2022-05-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2085304"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the tomcat package. When a web application sends a WebSocket message concurrently with the WebSocket connection closing, the application may continue to use the socket after it has been closed. In this case, the error handling triggered could cause the pooled object to be placed in the pool twice. This issue results in subsequent connections using the same object concurrently, which causes data to be potentially returned to the wrong user or application stability issues.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: request mixup",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25762"
},
{
"category": "external",
"summary": "RHBZ#2085304",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2085304"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25762",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25762"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25762",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25762"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.76",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.76"
}
],
"release_date": "2022-05-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-collections-3.2.2-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-lang-2.6-21.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-1.2.0-16.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-2.2.11-11.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jakarta-commons-httpclient-3.1-28.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-3.18.1-8.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:javassist-javadoc-3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debuginfo-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-debugsource-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:jss-javadoc-4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-4.22.0-1.module+el8.3.0+6784+6e1e4c62.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:ldapjdk-javadoc-4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-base-java-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-ca-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-10.9.4-1.module+el8.3.0+8058+d5cd4219.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-core-debugsource-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-kra-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-server-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-servlet-4.0-api-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-servlet-engine-9.0.30-1.module+el8.3.0+6730+8f9c6254.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-symkey-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:pki-tools-debuginfo-10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:python-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-debugsource-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python-nss-doc-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-nss-debuginfo-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:python3-pki-10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:resteasy-3.0.26-3.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-1.7.25-4.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:tomcatjss-7.5.0-1.module+el8.3.0+7355+c59bcbd9.src.rpm-pki-core:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:velocity-1.7-24.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.src.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch.rpm-pki-deps:10.6",
"AppStream-8.3.0.GA:xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src.rpm-pki-deps:10.6"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: request mixup"
}
]
}
rhba-2019:4199
Vulnerability from csaf_redhat
Published
2019-12-12 13:34
Modified
2025-10-10 01:33
Summary
Red Hat Bug Fix Advisory: CloudForms 5.0 bug fix and enhancement update
Notes
Topic
An update is now available for CloudForms Management Engine 5.11.
Details
Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller (MVC) framework for web application development. Action Pack implements the controller and the view components.
This update fixes various bugs and adds enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for CloudForms Management Engine 5.11.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller (MVC) framework for web application development. Action Pack implements the controller and the view components.\n\nThis update fixes various bugs and adds enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2019:4199",
"url": "https://access.redhat.com/errata/RHBA-2019:4199"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_cloudforms/5.0/html/release_notes",
"url": "https://access.redhat.com/documentation/en-us/red_hat_cloudforms/5.0/html/release_notes"
},
{
"category": "external",
"summary": "1295839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1295839"
},
{
"category": "external",
"summary": "1314875",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1314875"
},
{
"category": "external",
"summary": "1402112",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402112"
},
{
"category": "external",
"summary": "1415106",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1415106"
},
{
"category": "external",
"summary": "1429540",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429540"
},
{
"category": "external",
"summary": "1430159",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1430159"
},
{
"category": "external",
"summary": "1440191",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1440191"
},
{
"category": "external",
"summary": "1445717",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1445717"
},
{
"category": "external",
"summary": "1447170",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1447170"
},
{
"category": "external",
"summary": "1455145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1455145"
},
{
"category": "external",
"summary": "1460798",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1460798"
},
{
"category": "external",
"summary": "1461487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461487"
},
{
"category": "external",
"summary": "1469035",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1469035"
},
{
"category": "external",
"summary": "1475616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1475616"
},
{
"category": "external",
"summary": "1480819",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480819"
},
{
"category": "external",
"summary": "1486765",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1486765"
},
{
"category": "external",
"summary": "1487178",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1487178"
},
{
"category": "external",
"summary": "1498996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498996"
},
{
"category": "external",
"summary": "1504155",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1504155"
},
{
"category": "external",
"summary": "1507011",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1507011"
},
{
"category": "external",
"summary": "1515952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1515952"
},
{
"category": "external",
"summary": "1516838",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1516838"
},
{
"category": "external",
"summary": "1516912",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1516912"
},
{
"category": "external",
"summary": "1518613",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1518613"
},
{
"category": "external",
"summary": "1519359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1519359"
},
{
"category": "external",
"summary": "1525835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525835"
},
{
"category": "external",
"summary": "1527695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1527695"
},
{
"category": "external",
"summary": "1528984",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528984"
},
{
"category": "external",
"summary": "1532720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1532720"
},
{
"category": "external",
"summary": "1533263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533263"
},
{
"category": "external",
"summary": "1534529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534529"
},
{
"category": "external",
"summary": "1534539",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534539"
},
{
"category": "external",
"summary": "1535215",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535215"
},
{
"category": "external",
"summary": "1535782",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535782"
},
{
"category": "external",
"summary": "1535928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535928"
},
{
"category": "external",
"summary": "1540058",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540058"
},
{
"category": "external",
"summary": "1543007",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1543007"
},
{
"category": "external",
"summary": "1545942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1545942"
},
{
"category": "external",
"summary": "1546108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1546108"
},
{
"category": "external",
"summary": "1546927",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1546927"
},
{
"category": "external",
"summary": "1547081",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547081"
},
{
"category": "external",
"summary": "1549128",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549128"
},
{
"category": "external",
"summary": "1553846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553846"
},
{
"category": "external",
"summary": "1557488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1557488"
},
{
"category": "external",
"summary": "1559335",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559335"
},
{
"category": "external",
"summary": "1566600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1566600"
},
{
"category": "external",
"summary": "1573609",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1573609"
},
{
"category": "external",
"summary": "1574822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1574822"
},
{
"category": "external",
"summary": "1574823",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1574823"
},
{
"category": "external",
"summary": "1574824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1574824"
},
{
"category": "external",
"summary": "1574826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1574826"
},
{
"category": "external",
"summary": "1578076",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1578076"
},
{
"category": "external",
"summary": "1581817",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1581817"
},
{
"category": "external",
"summary": "1591797",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1591797"
},
{
"category": "external",
"summary": "1594381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1594381"
},
{
"category": "external",
"summary": "1594497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1594497"
},
{
"category": "external",
"summary": "1595259",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595259"
},
{
"category": "external",
"summary": "1595558",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595558"
},
{
"category": "external",
"summary": "1597125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1597125"
},
{
"category": "external",
"summary": "1600961",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1600961"
},
{
"category": "external",
"summary": "1602072",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1602072"
},
{
"category": "external",
"summary": "1608475",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1608475"
},
{
"category": "external",
"summary": "1609348",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1609348"
},
{
"category": "external",
"summary": "1609541",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1609541"
},
{
"category": "external",
"summary": "1614567",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1614567"
},
{
"category": "external",
"summary": "1623636",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1623636"
},
{
"category": "external",
"summary": "1628228",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1628228"
},
{
"category": "external",
"summary": "1630040",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1630040"
},
{
"category": "external",
"summary": "1631845",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1631845"
},
{
"category": "external",
"summary": "1632718",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1632718"
},
{
"category": "external",
"summary": "1633867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1633867"
},
{
"category": "external",
"summary": "1634794",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1634794"
},
{
"category": "external",
"summary": "1638245",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1638245"
},
{
"category": "external",
"summary": "1638390",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1638390"
},
{
"category": "external",
"summary": "1639387",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1639387"
},
{
"category": "external",
"summary": "1641905",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1641905"
},
{
"category": "external",
"summary": "1643331",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1643331"
},
{
"category": "external",
"summary": "1645041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1645041"
},
{
"category": "external",
"summary": "1645193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1645193"
},
{
"category": "external",
"summary": "1646562",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646562"
},
{
"category": "external",
"summary": "1649280",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649280"
},
{
"category": "external",
"summary": "1650104",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650104"
},
{
"category": "external",
"summary": "1650117",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650117"
},
{
"category": "external",
"summary": "1650294",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650294"
},
{
"category": "external",
"summary": "1650396",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650396"
},
{
"category": "external",
"summary": "1650418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650418"
},
{
"category": "external",
"summary": "1650484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650484"
},
{
"category": "external",
"summary": "1650501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650501"
},
{
"category": "external",
"summary": "1650506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650506"
},
{
"category": "external",
"summary": "1650559",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650559"
},
{
"category": "external",
"summary": "1652577",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1652577"
},
{
"category": "external",
"summary": "1652858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1652858"
},
{
"category": "external",
"summary": "1653772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1653772"
},
{
"category": "external",
"summary": "1653779",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1653779"
},
{
"category": "external",
"summary": "1653787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1653787"
},
{
"category": "external",
"summary": "1653800",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1653800"
},
{
"category": "external",
"summary": "1654511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1654511"
},
{
"category": "external",
"summary": "1655114",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1655114"
},
{
"category": "external",
"summary": "1655495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1655495"
},
{
"category": "external",
"summary": "1655794",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1655794"
},
{
"category": "external",
"summary": "1655977",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1655977"
},
{
"category": "external",
"summary": "1656318",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1656318"
},
{
"category": "external",
"summary": "1656371",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1656371"
},
{
"category": "external",
"summary": "1656722",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1656722"
},
{
"category": "external",
"summary": "1656734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1656734"
},
{
"category": "external",
"summary": "1656838",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1656838"
},
{
"category": "external",
"summary": "1658906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1658906"
},
{
"category": "external",
"summary": "1659088",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1659088"
},
{
"category": "external",
"summary": "1659452",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1659452"
},
{
"category": "external",
"summary": "1660163",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660163"
},
{
"category": "external",
"summary": "1662991",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1662991"
},
{
"category": "external",
"summary": "1663562",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663562"
},
{
"category": "external",
"summary": "1663972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663972"
},
{
"category": "external",
"summary": "1664852",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1664852"
},
{
"category": "external",
"summary": "1664886",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1664886"
},
{
"category": "external",
"summary": "1664888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1664888"
},
{
"category": "external",
"summary": "1667178",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1667178"
},
{
"category": "external",
"summary": "1668004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668004"
},
{
"category": "external",
"summary": "1668437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668437"
},
{
"category": "external",
"summary": "1669851",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1669851"
},
{
"category": "external",
"summary": "1669860",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1669860"
},
{
"category": "external",
"summary": "1669861",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1669861"
},
{
"category": "external",
"summary": "1669867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1669867"
},
{
"category": "external",
"summary": "1669868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1669868"
},
{
"category": "external",
"summary": "1670016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670016"
},
{
"category": "external",
"summary": "1670138",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670138"
},
{
"category": "external",
"summary": "1670150",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670150"
},
{
"category": "external",
"summary": "1670373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670373"
},
{
"category": "external",
"summary": "1670456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670456"
},
{
"category": "external",
"summary": "1670472",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670472"
},
{
"category": "external",
"summary": "1670604",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670604"
},
{
"category": "external",
"summary": "1671844",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671844"
},
{
"category": "external",
"summary": "1671909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671909"
},
{
"category": "external",
"summary": "1671911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671911"
},
{
"category": "external",
"summary": "1672437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672437"
},
{
"category": "external",
"summary": "1672689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672689"
},
{
"category": "external",
"summary": "1672933",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672933"
},
{
"category": "external",
"summary": "1672934",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672934"
},
{
"category": "external",
"summary": "1672937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672937"
},
{
"category": "external",
"summary": "1672949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672949"
},
{
"category": "external",
"summary": "1674055",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1674055"
},
{
"category": "external",
"summary": "1677258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677258"
},
{
"category": "external",
"summary": "1677548",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677548"
},
{
"category": "external",
"summary": "1677553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677553"
},
{
"category": "external",
"summary": "1677558",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677558"
},
{
"category": "external",
"summary": "1677560",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677560"
},
{
"category": "external",
"summary": "1677561",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677561"
},
{
"category": "external",
"summary": "1677571",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677571"
},
{
"category": "external",
"summary": "1677575",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677575"
},
{
"category": "external",
"summary": "1678046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678046"
},
{
"category": "external",
"summary": "1678047",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678047"
},
{
"category": "external",
"summary": "1678048",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678048"
},
{
"category": "external",
"summary": "1678122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678122"
},
{
"category": "external",
"summary": "1678123",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678123"
},
{
"category": "external",
"summary": "1678132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678132"
},
{
"category": "external",
"summary": "1678135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678135"
},
{
"category": "external",
"summary": "1678136",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678136"
},
{
"category": "external",
"summary": "1678142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678142"
},
{
"category": "external",
"summary": "1678149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678149"
},
{
"category": "external",
"summary": "1678150",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678150"
},
{
"category": "external",
"summary": "1678151",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678151"
},
{
"category": "external",
"summary": "1678190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678190"
},
{
"category": "external",
"summary": "1678192",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678192"
},
{
"category": "external",
"summary": "1678194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678194"
},
{
"category": "external",
"summary": "1678196",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678196"
},
{
"category": "external",
"summary": "1680525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1680525"
},
{
"category": "external",
"summary": "1683697",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1683697"
},
{
"category": "external",
"summary": "1684226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1684226"
},
{
"category": "external",
"summary": "1684567",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1684567"
},
{
"category": "external",
"summary": "1684575",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1684575"
},
{
"category": "external",
"summary": "1684681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1684681"
},
{
"category": "external",
"summary": "1685063",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1685063"
},
{
"category": "external",
"summary": "1685266",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1685266"
},
{
"category": "external",
"summary": "1686076",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686076"
},
{
"category": "external",
"summary": "1686617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686617"
},
{
"category": "external",
"summary": "1686619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686619"
},
{
"category": "external",
"summary": "1686762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686762"
},
{
"category": "external",
"summary": "1687059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1687059"
},
{
"category": "external",
"summary": "1687086",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1687086"
},
{
"category": "external",
"summary": "1687597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1687597"
},
{
"category": "external",
"summary": "1688359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1688359"
},
{
"category": "external",
"summary": "1688370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1688370"
},
{
"category": "external",
"summary": "1689369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1689369"
},
{
"category": "external",
"summary": "1690508",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690508"
},
{
"category": "external",
"summary": "1690572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690572"
},
{
"category": "external",
"summary": "1692537",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1692537"
},
{
"category": "external",
"summary": "1692853",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1692853"
},
{
"category": "external",
"summary": "1693362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1693362"
},
{
"category": "external",
"summary": "1693994",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1693994"
},
{
"category": "external",
"summary": "1695008",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695008"
},
{
"category": "external",
"summary": "1695219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695219"
},
{
"category": "external",
"summary": "1695566",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695566"
},
{
"category": "external",
"summary": "1697467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1697467"
},
{
"category": "external",
"summary": "1698184",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1698184"
},
{
"category": "external",
"summary": "1698193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1698193"
},
{
"category": "external",
"summary": "1700070",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1700070"
},
{
"category": "external",
"summary": "1704835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1704835"
},
{
"category": "external",
"summary": "1705105",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1705105"
},
{
"category": "external",
"summary": "1706764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1706764"
},
{
"category": "external",
"summary": "1707328",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1707328"
},
{
"category": "external",
"summary": "1707537",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1707537"
},
{
"category": "external",
"summary": "1707961",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1707961"
},
{
"category": "external",
"summary": "1708203",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1708203"
},
{
"category": "external",
"summary": "1709957",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1709957"
},
{
"category": "external",
"summary": "1710599",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710599"
},
{
"category": "external",
"summary": "1710623",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710623"
},
{
"category": "external",
"summary": "1711855",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1711855"
},
{
"category": "external",
"summary": "1714185",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1714185"
},
{
"category": "external",
"summary": "1714197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1714197"
},
{
"category": "external",
"summary": "1716858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1716858"
},
{
"category": "external",
"summary": "1717695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1717695"
},
{
"category": "external",
"summary": "1717843",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1717843"
},
{
"category": "external",
"summary": "1718457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1718457"
},
{
"category": "external",
"summary": "1718495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1718495"
},
{
"category": "external",
"summary": "1718833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1718833"
},
{
"category": "external",
"summary": "1718858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1718858"
},
{
"category": "external",
"summary": "1719322",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1719322"
},
{
"category": "external",
"summary": "1719399",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1719399"
},
{
"category": "external",
"summary": "1720187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1720187"
},
{
"category": "external",
"summary": "1720640",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1720640"
},
{
"category": "external",
"summary": "1722197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1722197"
},
{
"category": "external",
"summary": "1723420",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1723420"
},
{
"category": "external",
"summary": "1723899",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1723899"
},
{
"category": "external",
"summary": "1724496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1724496"
},
{
"category": "external",
"summary": "1725838",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725838"
},
{
"category": "external",
"summary": "1726844",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1726844"
},
{
"category": "external",
"summary": "1727131",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1727131"
},
{
"category": "external",
"summary": "1728740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728740"
},
{
"category": "external",
"summary": "1728774",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728774"
},
{
"category": "external",
"summary": "1729265",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1729265"
},
{
"category": "external",
"summary": "1729953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1729953"
},
{
"category": "external",
"summary": "1730311",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730311"
},
{
"category": "external",
"summary": "1732808",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732808"
},
{
"category": "external",
"summary": "1738664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1738664"
},
{
"category": "external",
"summary": "1740691",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1740691"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhba-2019_4199.json"
}
],
"title": "Red Hat Bug Fix Advisory: CloudForms 5.0 bug fix and enhancement update",
"tracking": {
"current_release_date": "2025-10-10T01:33:49+00:00",
"generator": {
"date": "2025-10-10T01:33:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHBA-2019:4199",
"initial_release_date": "2019-12-12T13:34:43+00:00",
"revision_history": [
{
"date": "2019-12-12T13:34:43+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-12-12T13:34:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-10T01:33:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CloudForms Management Engine 5.11",
"product": {
"name": "CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat CloudForms"
},
{
"branches": [
{
"category": "product_version",
"name": "python-colorama-0:0.4.1-1.el8ost.src",
"product": {
"name": "python-colorama-0:0.4.1-1.el8ost.src",
"product_id": "python-colorama-0:0.4.1-1.el8ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-colorama@0.4.1-1.el8ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-funcsigs-0:1.0.2-3.el8ost.src",
"product": {
"name": "python-funcsigs-0:1.0.2-3.el8ost.src",
"product_id": "python-funcsigs-0:1.0.2-3.el8ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-funcsigs@1.0.2-3.el8ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-mock-0:2.0.0-11.el8ost.src",
"product": {
"name": "python-mock-0:2.0.0-11.el8ost.src",
"product_id": "python-mock-0:2.0.0-11.el8ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-mock@2.0.0-11.el8ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pbr-0:5.1.2-2.el8ost.src",
"product": {
"name": "python-pbr-0:5.1.2-2.el8ost.src",
"product_id": "python-pbr-0:5.1.2-2.el8ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pbr@5.1.2-2.el8ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-ffi-0:1.9.25-1.el8cf.src",
"product": {
"name": "rubygem-ffi-0:1.9.25-1.el8cf.src",
"product_id": "rubygem-ffi-0:1.9.25-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ffi@1.9.25-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-hamlit-0:2.8.10-1.el8cf.src",
"product": {
"name": "rubygem-hamlit-0:2.8.10-1.el8cf.src",
"product_id": "rubygem-hamlit-0:2.8.10-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-hamlit@2.8.10-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"product": {
"name": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"product_id": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-http_parser.rb@0.6.0-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"product": {
"name": "rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"product_id": "rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-linux_block_device@0.2.1-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"product": {
"name": "rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"product_id": "rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-memory_buffer@0.1.0-2.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"product": {
"name": "rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"product_id": "rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nokogiri@1.8.5-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-puma-0:3.7.1-1.el8cf.src",
"product": {
"name": "rubygem-puma-0:3.7.1-1.el8cf.src",
"product_id": "rubygem-puma-0:3.7.1-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-puma@3.7.1-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-sassc-0:2.0.1-1.el8cf.src",
"product": {
"name": "rubygem-sassc-0:2.0.1-1.el8cf.src",
"product_id": "rubygem-sassc-0:2.0.1-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sassc@2.0.1-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"product": {
"name": "rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"product_id": "rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sqlite3@1.3.13-2.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"product": {
"name": "rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"product_id": "rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-surro-gate@1.0.5-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"product": {
"name": "rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"product_id": "rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-websocket-driver@0.6.5-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "smem-0:1.4-1.el8cf.src",
"product": {
"name": "smem-0:1.4-1.el8cf.src",
"product_id": "smem-0:1.4-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/smem@1.4-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "wmi-0:1.3.14-8.el8cf.src",
"product": {
"name": "wmi-0:1.3.14-8.el8cf.src",
"product_id": "wmi-0:1.3.14-8.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/wmi@1.3.14-8.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-future-0:0.16.0-1.el8cf.src",
"product": {
"name": "python-future-0:0.16.0-1.el8cf.src",
"product_id": "python-future-0:0.16.0-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-future@0.16.0-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-bambou-0:3.0.1-2.el8cf.src",
"product": {
"name": "python-bambou-0:3.0.1-2.el8cf.src",
"product_id": "python-bambou-0:3.0.1-2.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-bambou@3.0.1-2.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"product": {
"name": "python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"product_id": "python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-requests-toolbelt@0.8.0-2.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pylxca-0:2.1.1-2.el8cf.src",
"product": {
"name": "python-pylxca-0:2.1.1-2.el8cf.src",
"product_id": "python-pylxca-0:2.1.1-2.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pylxca@2.1.1-2.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-tabulate-0:0.8.2-1.el8cf.src",
"product": {
"name": "python-tabulate-0:0.8.2-1.el8cf.src",
"product_id": "python-tabulate-0:0.8.2-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tabulate@0.8.2-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-vspk-0:5.3.2-2.el8cf.src",
"product": {
"name": "python-vspk-0:5.3.2-2.el8cf.src",
"product_id": "python-vspk-0:5.3.2-2.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-vspk@5.3.2-2.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "prince-0:12.4-1.el8cf.src",
"product": {
"name": "prince-0:12.4-1.el8cf.src",
"product_id": "prince-0:12.4-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prince@12.4-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "ansible-runner-0:1.3.4-2.el8ar.src",
"product": {
"name": "ansible-runner-0:1.3.4-2.el8ar.src",
"product_id": "ansible-runner-0:1.3.4-2.el8ar.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-runner@1.3.4-2.el8ar?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-daemon-0:2.1.2-9.el8ar.src",
"product": {
"name": "python-daemon-0:2.1.2-9.el8ar.src",
"product_id": "python-daemon-0:2.1.2-9.el8ar.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-daemon@2.1.2-9.el8ar?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pexpect-0:4.6-2.el8ar.src",
"product": {
"name": "python-pexpect-0:4.6-2.el8ar.src",
"product_id": "python-pexpect-0:4.6-2.el8ar.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pexpect@4.6-2.el8ar?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-psutil-0:5.4.3-5.el8ar.src",
"product": {
"name": "python-psutil-0:5.4.3-5.el8ar.src",
"product_id": "python-psutil-0:5.4.3-5.el8ar.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-psutil@5.4.3-5.el8ar?arch=src"
}
}
},
{
"category": "product_version",
"name": "repmgr10-0:4.0.6-3.el8cf.src",
"product": {
"name": "repmgr10-0:4.0.6-3.el8cf.src",
"product_id": "repmgr10-0:4.0.6-3.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/repmgr10@4.0.6-3.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-0:0.28.0-1.el8.src",
"product": {
"name": "qpid-proton-0:0.28.0-1.el8.src",
"product_id": "qpid-proton-0:0.28.0-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton@0.28.0-1.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"product": {
"name": "rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"product_id": "rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-qpid_proton@0.26.0-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"product": {
"name": "rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"product_id": "rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-escape_utils@1.2.1-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "v2v-conversion-host-0:1.14.2-1.el8ev.src",
"product": {
"name": "v2v-conversion-host-0:1.14.2-1.el8ev.src",
"product_id": "v2v-conversion-host-0:1.14.2-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v2v-conversion-host@1.14.2-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-lockfile-1:0.11.0-8.el8ar.src",
"product": {
"name": "python-lockfile-1:0.11.0-8.el8ar.src",
"product_id": "python-lockfile-1:0.11.0-8.el8ar.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-lockfile@0.11.0-8.el8ar?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"product": {
"name": "rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"product_id": "rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-bcrypt@3.1.13-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-nio4r-0:2.4.0-1.el8cf.src",
"product": {
"name": "rubygem-nio4r-0:2.4.0-1.el8cf.src",
"product_id": "rubygem-nio4r-0:2.4.0-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nio4r@2.4.0-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"product": {
"name": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"product_id": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-unf_ext@0.0.7.6-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-byebug-0:11.0.1-1.el8cf.src",
"product": {
"name": "rubygem-byebug-0:11.0.1-1.el8cf.src",
"product_id": "rubygem-byebug-0:11.0.1-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-byebug@11.0.1-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"product": {
"name": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"product_id": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-cluster-upgrade@1.1.13-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"product": {
"name": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"product_id": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-disaster-recovery@1.2.0-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"product": {
"name": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"product_id": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-engine-setup@1.1.9-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"product": {
"name": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"product_id": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-hosted-engine-setup@1.0.26-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"product": {
"name": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"product_id": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-image-template@1.1.11-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"product": {
"name": "ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"product_id": "ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-infra@1.1.12-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"product": {
"name": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"product_id": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-manageiq@1.1.14-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"product": {
"name": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"product_id": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-repositories@1.1.5-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"product": {
"name": "ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"product_id": "ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-roles@1.1.7-2.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"product": {
"name": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"product_id": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-shutdown-env@1.0.3-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"product": {
"name": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"product_id": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-vm-infra@1.1.19-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"product": {
"name": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"product_id": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ovirt-engine-sdk4@4.3.2-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-rugged-0:0.28.2-1.el8cf.src",
"product": {
"name": "rubygem-rugged-0:0.28.2-1.el8cf.src",
"product_id": "rubygem-rugged-0:0.28.2-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rugged@0.28.2-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"product": {
"name": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"product_id": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4@4.3.0-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "cfme-gemset-0:5.11.0.28-1.el8cf.src",
"product": {
"name": "cfme-gemset-0:5.11.0.28-1.el8cf.src",
"product_id": "cfme-gemset-0:5.11.0.28-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-gemset@5.11.0.28-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "cfme-appliance-0:5.11.0.28-1.el8cf.src",
"product": {
"name": "cfme-appliance-0:5.11.0.28-1.el8cf.src",
"product_id": "cfme-appliance-0:5.11.0.28-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-appliance@5.11.0.28-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "cfme-0:5.11.0.28-1.el8cf.src",
"product": {
"name": "cfme-0:5.11.0.28-1.el8cf.src",
"product_id": "cfme-0:5.11.0.28-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme@5.11.0.28-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"product": {
"name": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"product_id": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-amazon-smartstate@5.11.0.28-1.el8cf?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-colorama-0:0.4.1-1.el8ost.noarch",
"product": {
"name": "python3-colorama-0:0.4.1-1.el8ost.noarch",
"product_id": "python3-colorama-0:0.4.1-1.el8ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-colorama@0.4.1-1.el8ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"product": {
"name": "python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"product_id": "python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-funcsigs@1.0.2-3.el8ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-mock-0:2.0.0-11.el8ost.noarch",
"product": {
"name": "python3-mock-0:2.0.0-11.el8ost.noarch",
"product_id": "python3-mock-0:2.0.0-11.el8ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-mock@2.0.0-11.el8ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-pbr-0:5.1.2-2.el8ost.noarch",
"product": {
"name": "python3-pbr-0:5.1.2-2.el8ost.noarch",
"product_id": "python3-pbr-0:5.1.2-2.el8ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pbr@5.1.2-2.el8ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"product": {
"name": "rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"product_id": "rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ffi-doc@1.9.25-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"product": {
"name": "rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"product_id": "rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-hamlit-doc@2.8.10-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"product": {
"name": "rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"product_id": "rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-http_parser.rb-doc@0.6.0-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"product": {
"name": "rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"product_id": "rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-linux_block_device-doc@0.2.1-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"product": {
"name": "rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"product_id": "rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-memory_buffer-doc@0.1.0-2.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"product": {
"name": "rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"product_id": "rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-puma-doc@3.7.1-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"product": {
"name": "rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"product_id": "rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sassc-doc@2.0.1-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"product": {
"name": "rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"product_id": "rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sqlite3-doc@1.3.13-2.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"product": {
"name": "rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"product_id": "rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-surro-gate-doc@1.0.5-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"product": {
"name": "rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"product_id": "rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-websocket-driver-doc@0.6.5-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "smem-0:1.4-1.el8cf.noarch",
"product": {
"name": "smem-0:1.4-1.el8cf.noarch",
"product_id": "smem-0:1.4-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/smem@1.4-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-future-0:0.16.0-1.el8cf.noarch",
"product": {
"name": "python3-future-0:0.16.0-1.el8cf.noarch",
"product_id": "python3-future-0:0.16.0-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-future@0.16.0-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-bambou-0:3.0.1-2.el8cf.noarch",
"product": {
"name": "python3-bambou-0:3.0.1-2.el8cf.noarch",
"product_id": "python3-bambou-0:3.0.1-2.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-bambou@3.0.1-2.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"product": {
"name": "python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"product_id": "python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-requests-toolbelt@0.8.0-2.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-pylxca-0:2.1.1-2.el8cf.noarch",
"product": {
"name": "python3-pylxca-0:2.1.1-2.el8cf.noarch",
"product_id": "python3-pylxca-0:2.1.1-2.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pylxca@2.1.1-2.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-tabulate-0:0.8.2-1.el8cf.noarch",
"product": {
"name": "python3-tabulate-0:0.8.2-1.el8cf.noarch",
"product_id": "python3-tabulate-0:0.8.2-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tabulate@0.8.2-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-vspk-0:5.3.2-2.el8cf.noarch",
"product": {
"name": "python3-vspk-0:5.3.2-2.el8cf.noarch",
"product_id": "python3-vspk-0:5.3.2-2.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-vspk@5.3.2-2.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ansible-runner-0:1.3.4-2.el8ar.noarch",
"product": {
"name": "ansible-runner-0:1.3.4-2.el8ar.noarch",
"product_id": "ansible-runner-0:1.3.4-2.el8ar.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-runner@1.3.4-2.el8ar?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"product": {
"name": "python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"product_id": "python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ansible-runner@1.3.4-2.el8ar?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-daemon-0:2.1.2-9.el8ar.noarch",
"product": {
"name": "python3-daemon-0:2.1.2-9.el8ar.noarch",
"product_id": "python3-daemon-0:2.1.2-9.el8ar.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-daemon@2.1.2-9.el8ar?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-pexpect-0:4.6-2.el8ar.noarch",
"product": {
"name": "python3-pexpect-0:4.6-2.el8ar.noarch",
"product_id": "python3-pexpect-0:4.6-2.el8ar.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pexpect@4.6-2.el8ar?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"product": {
"name": "qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"product_id": "qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c-docs@0.28.0-1.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"product": {
"name": "rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"product_id": "rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-qpid_proton-doc@0.26.0-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"product": {
"name": "rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"product_id": "rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-escape_utils-doc@1.2.1-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"product": {
"name": "v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"product_id": "v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v2v-conversion-host-ansible@1.14.2-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-lockfile-1:0.11.0-8.el8ar.noarch",
"product": {
"name": "python3-lockfile-1:0.11.0-8.el8ar.noarch",
"product_id": "python3-lockfile-1:0.11.0-8.el8ar.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-lockfile@0.11.0-8.el8ar?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"product": {
"name": "rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"product_id": "rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-bcrypt-doc@3.1.13-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"product": {
"name": "rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"product_id": "rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nio4r-doc@2.4.0-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"product": {
"name": "rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"product_id": "rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-unf_ext-doc@0.0.7.6-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"product": {
"name": "rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"product_id": "rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-byebug-doc@11.0.1-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"product_id": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-cluster-upgrade@1.1.13-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"product_id": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-disaster-recovery@1.2.0-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"product_id": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-engine-setup@1.1.9-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"product_id": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-hosted-engine-setup@1.0.26-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"product_id": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-image-template@1.1.11-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"product_id": "ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-infra@1.1.12-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"product_id": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-manageiq@1.1.14-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"product_id": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-repositories@1.1.5-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"product": {
"name": "ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"product_id": "ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-roles@1.1.7-2.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"product_id": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-shutdown-env@1.0.3-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"product_id": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-vm-infra@1.1.19-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"product": {
"name": "rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"product_id": "rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rugged-doc@0.28.2-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"product": {
"name": "rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"product_id": "rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4-doc@4.3.0-1.el8cf?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"product": {
"name": "rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"product_id": "rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ffi@1.9.25-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"product": {
"name": "rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"product_id": "rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ffi-debugsource@1.9.25-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"product": {
"name": "rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"product_id": "rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ffi-debuginfo@1.9.25-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"product": {
"name": "rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"product_id": "rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-hamlit@2.8.10-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"product": {
"name": "rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"product_id": "rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-hamlit-debugsource@2.8.10-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"product": {
"name": "rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"product_id": "rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-hamlit-debuginfo@2.8.10-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"product_id": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-http_parser.rb@0.6.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"product_id": "rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-http_parser.rb-debugsource@0.6.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"product_id": "rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-http_parser.rb-debuginfo@0.6.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"product_id": "rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-linux_block_device@0.2.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"product_id": "rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-linux_block_device-debugsource@0.2.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"product_id": "rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-linux_block_device-debuginfo@0.2.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"product": {
"name": "rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"product_id": "rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-memory_buffer@0.1.0-2.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"product": {
"name": "rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"product_id": "rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-memory_buffer-debugsource@0.1.0-2.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"product": {
"name": "rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"product_id": "rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-memory_buffer-debuginfo@0.1.0-2.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"product_id": "rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nokogiri@1.8.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"product_id": "rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nokogiri-doc@1.8.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"product_id": "rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nokogiri-debugsource@1.8.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"product_id": "rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nokogiri-debuginfo@1.8.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"product_id": "rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-puma@3.7.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"product_id": "rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-puma-debugsource@3.7.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"product_id": "rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-puma-debuginfo@3.7.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"product_id": "rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sassc@2.0.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"product_id": "rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sassc-debugsource@2.0.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"product_id": "rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sassc-debuginfo@2.0.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"product": {
"name": "rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"product_id": "rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sqlite3@1.3.13-2.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"product": {
"name": "rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"product_id": "rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sqlite3-debugsource@1.3.13-2.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"product": {
"name": "rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"product_id": "rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sqlite3-debuginfo@1.3.13-2.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"product_id": "rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-surro-gate@1.0.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"product_id": "rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-surro-gate-debugsource@1.0.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"product_id": "rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-surro-gate-debuginfo@1.0.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"product_id": "rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-websocket-driver@0.6.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"product_id": "rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-websocket-driver-debugsource@0.6.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"product_id": "rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-websocket-driver-debuginfo@0.6.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "wmi-0:1.3.14-8.el8cf.x86_64",
"product": {
"name": "wmi-0:1.3.14-8.el8cf.x86_64",
"product_id": "wmi-0:1.3.14-8.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/wmi@1.3.14-8.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "wmi-debugsource-0:1.3.14-8.el8cf.x86_64",
"product": {
"name": "wmi-debugsource-0:1.3.14-8.el8cf.x86_64",
"product_id": "wmi-debugsource-0:1.3.14-8.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/wmi-debugsource@1.3.14-8.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"product": {
"name": "wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"product_id": "wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/wmi-debuginfo@1.3.14-8.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "prince-0:12.4-1.el8cf.x86_64",
"product": {
"name": "prince-0:12.4-1.el8cf.x86_64",
"product_id": "prince-0:12.4-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prince@12.4-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-psutil-0:5.4.3-5.el8ar.x86_64",
"product": {
"name": "python3-psutil-0:5.4.3-5.el8ar.x86_64",
"product_id": "python3-psutil-0:5.4.3-5.el8ar.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-psutil@5.4.3-5.el8ar?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"product": {
"name": "python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"product_id": "python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-psutil-debugsource@5.4.3-5.el8ar?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"product": {
"name": "python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"product_id": "python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-psutil-debuginfo@5.4.3-5.el8ar?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "repmgr10-0:4.0.6-3.el8cf.x86_64",
"product": {
"name": "repmgr10-0:4.0.6-3.el8cf.x86_64",
"product_id": "repmgr10-0:4.0.6-3.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/repmgr10@4.0.6-3.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"product": {
"name": "repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"product_id": "repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/repmgr10-debugsource@4.0.6-3.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"product": {
"name": "repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"product_id": "repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/repmgr10-debuginfo@4.0.6-3.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-0:0.28.0-1.el8.x86_64",
"product": {
"name": "qpid-proton-c-0:0.28.0-1.el8.x86_64",
"product_id": "qpid-proton-c-0:0.28.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c@0.28.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"product": {
"name": "qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"product_id": "qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c-devel@0.28.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"product": {
"name": "qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"product_id": "qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-debugsource@0.28.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"product": {
"name": "python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"product_id": "python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-qpid-proton-debuginfo@0.28.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"product": {
"name": "qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"product_id": "qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c-debuginfo@0.28.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"product": {
"name": "qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"product_id": "qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-cpp-debuginfo@0.28.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"product": {
"name": "qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"product_id": "qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-debuginfo@0.28.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"product_id": "rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-qpid_proton@0.26.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"product_id": "rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-qpid_proton-debugsource@0.26.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"product_id": "rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-qpid_proton-debuginfo@0.26.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"product_id": "rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-escape_utils@1.2.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"product_id": "rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-escape_utils-debugsource@1.2.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"product_id": "rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-escape_utils-debuginfo@1.2.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"product": {
"name": "rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"product_id": "rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-bcrypt@3.1.13-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"product": {
"name": "rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"product_id": "rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-bcrypt-debugsource@3.1.13-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"product": {
"name": "rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"product_id": "rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-bcrypt-debuginfo@3.1.13-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"product_id": "rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nio4r@2.4.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"product_id": "rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nio4r-debugsource@2.4.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"product_id": "rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nio4r-debuginfo@2.4.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"product": {
"name": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"product_id": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-unf_ext@0.0.7.6-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"product": {
"name": "rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"product_id": "rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-unf_ext-debugsource@0.0.7.6-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"product": {
"name": "rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"product_id": "rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-unf_ext-debuginfo@0.0.7.6-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"product_id": "rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-byebug@11.0.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"product_id": "rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-byebug-debugsource@11.0.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"product_id": "rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-byebug-debuginfo@11.0.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"product": {
"name": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"product_id": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ovirt-engine-sdk4@4.3.2-1.el8ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"product": {
"name": "python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"product_id": "python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ovirt-engine-sdk4-debugsource@4.3.2-1.el8ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"product": {
"name": "python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"product_id": "python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ovirt-engine-sdk4-debuginfo@4.3.2-1.el8ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"product": {
"name": "rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"product_id": "rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rugged@0.28.2-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"product": {
"name": "rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"product_id": "rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rugged-debugsource@0.28.2-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"product": {
"name": "rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"product_id": "rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rugged-debuginfo@0.28.2-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"product_id": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4@4.3.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"product_id": "rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4-debugsource@4.3.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"product_id": "rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4-debuginfo@4.3.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"product": {
"name": "ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"product_id": "ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-tower-venv-ansible@3.5.2-1.el8at?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"product": {
"name": "cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"product_id": "cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-gemset@5.11.0.28-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"product": {
"name": "cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"product_id": "cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-appliance@5.11.0.28-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"product": {
"name": "cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"product_id": "cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-appliance-common@5.11.0.28-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"product": {
"name": "cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"product_id": "cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-appliance-tools@5.11.0.28-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-0:5.11.0.28-1.el8cf.x86_64",
"product": {
"name": "cfme-0:5.11.0.28-1.el8cf.x86_64",
"product_id": "cfme-0:5.11.0.28-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme@5.11.0.28-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"product": {
"name": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"product_id": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-amazon-smartstate@5.11.0.28-1.el8cf?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-runner-0:1.3.4-2.el8ar.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.noarch"
},
"product_reference": "ansible-runner-0:1.3.4-2.el8ar.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-runner-0:1.3.4-2.el8ar.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.src"
},
"product_reference": "ansible-runner-0:1.3.4-2.el8ar.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64"
},
"product_reference": "ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-0:5.11.0.28-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.src"
},
"product_reference": "cfme-0:5.11.0.28-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-0:5.11.0.28-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.x86_64"
},
"product_reference": "cfme-0:5.11.0.28-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src"
},
"product_reference": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64"
},
"product_reference": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-appliance-0:5.11.0.28-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.src"
},
"product_reference": "cfme-appliance-0:5.11.0.28-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-appliance-0:5.11.0.28-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.x86_64"
},
"product_reference": "cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64"
},
"product_reference": "cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64"
},
"product_reference": "cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-gemset-0:5.11.0.28-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.src"
},
"product_reference": "cfme-gemset-0:5.11.0.28-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-gemset-0:5.11.0.28-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.x86_64"
},
"product_reference": "cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src"
},
"product_reference": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src"
},
"product_reference": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src"
},
"product_reference": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src"
},
"product_reference": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.src"
},
"product_reference": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-infra-0:1.1.12-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.src"
},
"product_reference": "ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src"
},
"product_reference": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.src"
},
"product_reference": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch"
},
"product_reference": "ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-roles-0:1.1.7-2.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.src"
},
"product_reference": "ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src"
},
"product_reference": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src"
},
"product_reference": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prince-0:12.4-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:prince-0:12.4-1.el8cf.src"
},
"product_reference": "prince-0:12.4-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prince-0:12.4-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:prince-0:12.4-1.el8cf.x86_64"
},
"product_reference": "prince-0:12.4-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-bambou-0:3.0.1-2.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-bambou-0:3.0.1-2.el8cf.src"
},
"product_reference": "python-bambou-0:3.0.1-2.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-colorama-0:0.4.1-1.el8ost.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-colorama-0:0.4.1-1.el8ost.src"
},
"product_reference": "python-colorama-0:0.4.1-1.el8ost.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-daemon-0:2.1.2-9.el8ar.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-daemon-0:2.1.2-9.el8ar.src"
},
"product_reference": "python-daemon-0:2.1.2-9.el8ar.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-funcsigs-0:1.0.2-3.el8ost.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-funcsigs-0:1.0.2-3.el8ost.src"
},
"product_reference": "python-funcsigs-0:1.0.2-3.el8ost.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-future-0:0.16.0-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-future-0:0.16.0-1.el8cf.src"
},
"product_reference": "python-future-0:0.16.0-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-lockfile-1:0.11.0-8.el8ar.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-lockfile-1:0.11.0-8.el8ar.src"
},
"product_reference": "python-lockfile-1:0.11.0-8.el8ar.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-mock-0:2.0.0-11.el8ost.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-mock-0:2.0.0-11.el8ost.src"
},
"product_reference": "python-mock-0:2.0.0-11.el8ost.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pbr-0:5.1.2-2.el8ost.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-pbr-0:5.1.2-2.el8ost.src"
},
"product_reference": "python-pbr-0:5.1.2-2.el8ost.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pexpect-0:4.6-2.el8ar.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-pexpect-0:4.6-2.el8ar.src"
},
"product_reference": "python-pexpect-0:4.6-2.el8ar.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-psutil-0:5.4.3-5.el8ar.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-psutil-0:5.4.3-5.el8ar.src"
},
"product_reference": "python-psutil-0:5.4.3-5.el8ar.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64"
},
"product_reference": "python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pylxca-0:2.1.1-2.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-pylxca-0:2.1.1-2.el8cf.src"
},
"product_reference": "python-pylxca-0:2.1.1-2.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-requests-toolbelt-0:0.8.0-2.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-requests-toolbelt-0:0.8.0-2.el8cf.src"
},
"product_reference": "python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tabulate-0:0.8.2-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-tabulate-0:0.8.2-1.el8cf.src"
},
"product_reference": "python-tabulate-0:0.8.2-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-vspk-0:5.3.2-2.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-vspk-0:5.3.2-2.el8cf.src"
},
"product_reference": "python-vspk-0:5.3.2-2.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ansible-runner-0:1.3.4-2.el8ar.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-ansible-runner-0:1.3.4-2.el8ar.noarch"
},
"product_reference": "python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-bambou-0:3.0.1-2.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-bambou-0:3.0.1-2.el8cf.noarch"
},
"product_reference": "python3-bambou-0:3.0.1-2.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-colorama-0:0.4.1-1.el8ost.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-colorama-0:0.4.1-1.el8ost.noarch"
},
"product_reference": "python3-colorama-0:0.4.1-1.el8ost.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-daemon-0:2.1.2-9.el8ar.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-daemon-0:2.1.2-9.el8ar.noarch"
},
"product_reference": "python3-daemon-0:2.1.2-9.el8ar.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-funcsigs-0:1.0.2-3.el8ost.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-funcsigs-0:1.0.2-3.el8ost.noarch"
},
"product_reference": "python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-future-0:0.16.0-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-future-0:0.16.0-1.el8cf.noarch"
},
"product_reference": "python3-future-0:0.16.0-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-lockfile-1:0.11.0-8.el8ar.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-lockfile-1:0.11.0-8.el8ar.noarch"
},
"product_reference": "python3-lockfile-1:0.11.0-8.el8ar.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-mock-0:2.0.0-11.el8ost.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-mock-0:2.0.0-11.el8ost.noarch"
},
"product_reference": "python3-mock-0:2.0.0-11.el8ost.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src"
},
"product_reference": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64"
},
"product_reference": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64"
},
"product_reference": "python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64"
},
"product_reference": "python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pbr-0:5.1.2-2.el8ost.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-pbr-0:5.1.2-2.el8ost.noarch"
},
"product_reference": "python3-pbr-0:5.1.2-2.el8ost.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pexpect-0:4.6-2.el8ar.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-pexpect-0:4.6-2.el8ar.noarch"
},
"product_reference": "python3-pexpect-0:4.6-2.el8ar.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-psutil-0:5.4.3-5.el8ar.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-psutil-0:5.4.3-5.el8ar.x86_64"
},
"product_reference": "python3-psutil-0:5.4.3-5.el8ar.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64"
},
"product_reference": "python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pylxca-0:2.1.1-2.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-pylxca-0:2.1.1-2.el8cf.noarch"
},
"product_reference": "python3-pylxca-0:2.1.1-2.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64"
},
"product_reference": "python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch"
},
"product_reference": "python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tabulate-0:0.8.2-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-tabulate-0:0.8.2-1.el8cf.noarch"
},
"product_reference": "python3-tabulate-0:0.8.2-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-vspk-0:5.3.2-2.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-vspk-0:5.3.2-2.el8cf.noarch"
},
"product_reference": "python3-vspk-0:5.3.2-2.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-0:0.28.0-1.el8.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:qpid-proton-0:0.28.0-1.el8.src"
},
"product_reference": "qpid-proton-0:0.28.0-1.el8.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-0:0.28.0-1.el8.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:qpid-proton-c-0:0.28.0-1.el8.x86_64"
},
"product_reference": "qpid-proton-c-0:0.28.0-1.el8.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64"
},
"product_reference": "qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-devel-0:0.28.0-1.el8.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:qpid-proton-c-devel-0:0.28.0-1.el8.x86_64"
},
"product_reference": "qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-docs-0:0.28.0-1.el8.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:qpid-proton-c-docs-0:0.28.0-1.el8.noarch"
},
"product_reference": "qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64"
},
"product_reference": "qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64"
},
"product_reference": "qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-debugsource-0:0.28.0-1.el8.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:qpid-proton-debugsource-0:0.28.0-1.el8.x86_64"
},
"product_reference": "qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "repmgr10-0:4.0.6-3.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.src"
},
"product_reference": "repmgr10-0:4.0.6-3.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "repmgr10-0:4.0.6-3.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.x86_64"
},
"product_reference": "repmgr10-0:4.0.6-3.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64"
},
"product_reference": "repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64"
},
"product_reference": "repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-bcrypt-0:3.1.13-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.src"
},
"product_reference": "rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64"
},
"product_reference": "rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64"
},
"product_reference": "rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64"
},
"product_reference": "rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch"
},
"product_reference": "rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-byebug-0:11.0.1-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.src"
},
"product_reference": "rubygem-byebug-0:11.0.1-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-byebug-0:11.0.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch"
},
"product_reference": "rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-escape_utils-0:1.2.1-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.src"
},
"product_reference": "rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch"
},
"product_reference": "rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ffi-0:1.9.25-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.src"
},
"product_reference": "rubygem-ffi-0:1.9.25-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ffi-0:1.9.25-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.x86_64"
},
"product_reference": "rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64"
},
"product_reference": "rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64"
},
"product_reference": "rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch"
},
"product_reference": "rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-hamlit-0:2.8.10-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.src"
},
"product_reference": "rubygem-hamlit-0:2.8.10-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-hamlit-0:2.8.10-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.x86_64"
},
"product_reference": "rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64"
},
"product_reference": "rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64"
},
"product_reference": "rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch"
},
"product_reference": "rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.src"
},
"product_reference": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch"
},
"product_reference": "rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-linux_block_device-0:0.2.1-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.src"
},
"product_reference": "rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch"
},
"product_reference": "rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-memory_buffer-0:0.1.0-2.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.src"
},
"product_reference": "rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64"
},
"product_reference": "rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64"
},
"product_reference": "rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64"
},
"product_reference": "rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch"
},
"product_reference": "rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nio4r-0:2.4.0-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.src"
},
"product_reference": "rubygem-nio4r-0:2.4.0-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nio4r-0:2.4.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch"
},
"product_reference": "rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nokogiri-0:1.8.5-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.src"
},
"product_reference": "rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src"
},
"product_reference": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch"
},
"product_reference": "rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-puma-0:3.7.1-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.src"
},
"product_reference": "rubygem-puma-0:3.7.1-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-puma-0:3.7.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-puma-doc-0:3.7.1-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-puma-doc-0:3.7.1-1.el8cf.noarch"
},
"product_reference": "rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-qpid_proton-0:0.26.0-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.src"
},
"product_reference": "rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch"
},
"product_reference": "rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rugged-0:0.28.2-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.src"
},
"product_reference": "rubygem-rugged-0:0.28.2-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rugged-0:0.28.2-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.x86_64"
},
"product_reference": "rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64"
},
"product_reference": "rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64"
},
"product_reference": "rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch"
},
"product_reference": "rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sassc-0:2.0.1-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.src"
},
"product_reference": "rubygem-sassc-0:2.0.1-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sassc-0:2.0.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch"
},
"product_reference": "rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sqlite3-0:1.3.13-2.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.src"
},
"product_reference": "rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64"
},
"product_reference": "rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64"
},
"product_reference": "rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64"
},
"product_reference": "rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch"
},
"product_reference": "rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-surro-gate-0:1.0.5-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.src"
},
"product_reference": "rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch"
},
"product_reference": "rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.src"
},
"product_reference": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64"
},
"product_reference": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64"
},
"product_reference": "rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64"
},
"product_reference": "rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch"
},
"product_reference": "rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-websocket-driver-0:0.6.5-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.src"
},
"product_reference": "rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch"
},
"product_reference": "rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "smem-0:1.4-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:smem-0:1.4-1.el8cf.noarch"
},
"product_reference": "smem-0:1.4-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "smem-0:1.4-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:smem-0:1.4-1.el8cf.src"
},
"product_reference": "smem-0:1.4-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v2v-conversion-host-0:1.14.2-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:v2v-conversion-host-0:1.14.2-1.el8ev.src"
},
"product_reference": "v2v-conversion-host-0:1.14.2-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch"
},
"product_reference": "v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wmi-0:1.3.14-8.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.src"
},
"product_reference": "wmi-0:1.3.14-8.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wmi-0:1.3.14-8.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.x86_64"
},
"product_reference": "wmi-0:1.3.14-8.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wmi-debuginfo-0:1.3.14-8.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:wmi-debuginfo-0:1.3.14-8.el8cf.x86_64"
},
"product_reference": "wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wmi-debugsource-0:1.3.14-8.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:wmi-debugsource-0:1.3.14-8.el8cf.x86_64"
},
"product_reference": "wmi-debugsource-0:1.3.14-8.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.src",
"8Base-CFME-5.11:ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.x86_64",
"8Base-CFME-5.11:python-bambou-0:3.0.1-2.el8cf.src",
"8Base-CFME-5.11:python-colorama-0:0.4.1-1.el8ost.src",
"8Base-CFME-5.11:python-daemon-0:2.1.2-9.el8ar.src",
"8Base-CFME-5.11:python-funcsigs-0:1.0.2-3.el8ost.src",
"8Base-CFME-5.11:python-future-0:0.16.0-1.el8cf.src",
"8Base-CFME-5.11:python-lockfile-1:0.11.0-8.el8ar.src",
"8Base-CFME-5.11:python-mock-0:2.0.0-11.el8ost.src",
"8Base-CFME-5.11:python-pbr-0:5.1.2-2.el8ost.src",
"8Base-CFME-5.11:python-pexpect-0:4.6-2.el8ar.src",
"8Base-CFME-5.11:python-psutil-0:5.4.3-5.el8ar.src",
"8Base-CFME-5.11:python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python-pylxca-0:2.1.1-2.el8cf.src",
"8Base-CFME-5.11:python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"8Base-CFME-5.11:python-tabulate-0:0.8.2-1.el8cf.src",
"8Base-CFME-5.11:python-vspk-0:5.3.2-2.el8cf.src",
"8Base-CFME-5.11:python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:python3-bambou-0:3.0.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-colorama-0:0.4.1-1.el8ost.noarch",
"8Base-CFME-5.11:python3-daemon-0:2.1.2-9.el8ar.noarch",
"8Base-CFME-5.11:python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"8Base-CFME-5.11:python3-future-0:0.16.0-1.el8cf.noarch",
"8Base-CFME-5.11:python3-lockfile-1:0.11.0-8.el8ar.noarch",
"8Base-CFME-5.11:python3-mock-0:2.0.0-11.el8ost.noarch",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-pbr-0:5.1.2-2.el8ost.noarch",
"8Base-CFME-5.11:python3-pexpect-0:4.6-2.el8ar.noarch",
"8Base-CFME-5.11:python3-psutil-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-pylxca-0:2.1.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"8Base-CFME-5.11:python3-tabulate-0:0.8.2-1.el8cf.noarch",
"8Base-CFME-5.11:python3-vspk-0:5.3.2-2.el8cf.noarch",
"8Base-CFME-5.11:qpid-proton-0:0.28.0-1.el8.src",
"8Base-CFME-5.11:qpid-proton-c-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"8Base-CFME-5.11:qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.src",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.src",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.src",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.src",
"8Base-CFME-5.11:v2v-conversion-host-0:1.14.2-1.el8ev.src",
"8Base-CFME-5.11:v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.src",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debugsource-0:1.3.14-8.el8cf.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-12-12T13:34:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nIf the postgresql service is running, it will be automatically restarted after installing this update. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.src",
"8Base-CFME-5.11:ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.x86_64",
"8Base-CFME-5.11:python-bambou-0:3.0.1-2.el8cf.src",
"8Base-CFME-5.11:python-colorama-0:0.4.1-1.el8ost.src",
"8Base-CFME-5.11:python-daemon-0:2.1.2-9.el8ar.src",
"8Base-CFME-5.11:python-funcsigs-0:1.0.2-3.el8ost.src",
"8Base-CFME-5.11:python-future-0:0.16.0-1.el8cf.src",
"8Base-CFME-5.11:python-lockfile-1:0.11.0-8.el8ar.src",
"8Base-CFME-5.11:python-mock-0:2.0.0-11.el8ost.src",
"8Base-CFME-5.11:python-pbr-0:5.1.2-2.el8ost.src",
"8Base-CFME-5.11:python-pexpect-0:4.6-2.el8ar.src",
"8Base-CFME-5.11:python-psutil-0:5.4.3-5.el8ar.src",
"8Base-CFME-5.11:python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python-pylxca-0:2.1.1-2.el8cf.src",
"8Base-CFME-5.11:python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"8Base-CFME-5.11:python-tabulate-0:0.8.2-1.el8cf.src",
"8Base-CFME-5.11:python-vspk-0:5.3.2-2.el8cf.src",
"8Base-CFME-5.11:python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:python3-bambou-0:3.0.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-colorama-0:0.4.1-1.el8ost.noarch",
"8Base-CFME-5.11:python3-daemon-0:2.1.2-9.el8ar.noarch",
"8Base-CFME-5.11:python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"8Base-CFME-5.11:python3-future-0:0.16.0-1.el8cf.noarch",
"8Base-CFME-5.11:python3-lockfile-1:0.11.0-8.el8ar.noarch",
"8Base-CFME-5.11:python3-mock-0:2.0.0-11.el8ost.noarch",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-pbr-0:5.1.2-2.el8ost.noarch",
"8Base-CFME-5.11:python3-pexpect-0:4.6-2.el8ar.noarch",
"8Base-CFME-5.11:python3-psutil-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-pylxca-0:2.1.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"8Base-CFME-5.11:python3-tabulate-0:0.8.2-1.el8cf.noarch",
"8Base-CFME-5.11:python3-vspk-0:5.3.2-2.el8cf.noarch",
"8Base-CFME-5.11:qpid-proton-0:0.28.0-1.el8.src",
"8Base-CFME-5.11:qpid-proton-c-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"8Base-CFME-5.11:qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.src",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.src",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.src",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.src",
"8Base-CFME-5.11:v2v-conversion-host-0:1.14.2-1.el8ev.src",
"8Base-CFME-5.11:v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.src",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debugsource-0:1.3.14-8.el8cf.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:4199"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.src",
"8Base-CFME-5.11:ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.x86_64",
"8Base-CFME-5.11:python-bambou-0:3.0.1-2.el8cf.src",
"8Base-CFME-5.11:python-colorama-0:0.4.1-1.el8ost.src",
"8Base-CFME-5.11:python-daemon-0:2.1.2-9.el8ar.src",
"8Base-CFME-5.11:python-funcsigs-0:1.0.2-3.el8ost.src",
"8Base-CFME-5.11:python-future-0:0.16.0-1.el8cf.src",
"8Base-CFME-5.11:python-lockfile-1:0.11.0-8.el8ar.src",
"8Base-CFME-5.11:python-mock-0:2.0.0-11.el8ost.src",
"8Base-CFME-5.11:python-pbr-0:5.1.2-2.el8ost.src",
"8Base-CFME-5.11:python-pexpect-0:4.6-2.el8ar.src",
"8Base-CFME-5.11:python-psutil-0:5.4.3-5.el8ar.src",
"8Base-CFME-5.11:python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python-pylxca-0:2.1.1-2.el8cf.src",
"8Base-CFME-5.11:python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"8Base-CFME-5.11:python-tabulate-0:0.8.2-1.el8cf.src",
"8Base-CFME-5.11:python-vspk-0:5.3.2-2.el8cf.src",
"8Base-CFME-5.11:python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:python3-bambou-0:3.0.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-colorama-0:0.4.1-1.el8ost.noarch",
"8Base-CFME-5.11:python3-daemon-0:2.1.2-9.el8ar.noarch",
"8Base-CFME-5.11:python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"8Base-CFME-5.11:python3-future-0:0.16.0-1.el8cf.noarch",
"8Base-CFME-5.11:python3-lockfile-1:0.11.0-8.el8ar.noarch",
"8Base-CFME-5.11:python3-mock-0:2.0.0-11.el8ost.noarch",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-pbr-0:5.1.2-2.el8ost.noarch",
"8Base-CFME-5.11:python3-pexpect-0:4.6-2.el8ar.noarch",
"8Base-CFME-5.11:python3-psutil-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-pylxca-0:2.1.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"8Base-CFME-5.11:python3-tabulate-0:0.8.2-1.el8cf.noarch",
"8Base-CFME-5.11:python3-vspk-0:5.3.2-2.el8cf.noarch",
"8Base-CFME-5.11:qpid-proton-0:0.28.0-1.el8.src",
"8Base-CFME-5.11:qpid-proton-c-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"8Base-CFME-5.11:qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.src",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.src",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.src",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.src",
"8Base-CFME-5.11:v2v-conversion-host-0:1.14.2-1.el8ev.src",
"8Base-CFME-5.11:v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.src",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debugsource-0:1.3.14-8.el8cf.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2019-0223",
"cwe": {
"id": "CWE-300",
"name": "Channel Accessible by Non-Endpoint"
},
"discovery_date": "2019-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1702439"
}
],
"notes": [
{
"category": "description",
"text": "A cryptographic weakness was discovered in qpid-proton\u0027s use of TLS. If the qpid-proton client was used without client certificates, it would accept an anonymous cipher offered by the server. A man-in-the-middle attacker could use this to silently intercept traffic that should have been encrypted.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "qpid-proton: TLS Man in the Middle Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform 14 (and its Operational Tools) is impacted by this flaw; other supported versions are not vulnerable.\n\nRed Hat Virtualization 4 uses qpid-proton for katello-agent, which always uses client certificate authentication.\n\nRed Hat Update Infrastructure 3 is impacted by this flaw, however in its default configuration client certificate authentication is used and qpidd service, which uses qpid-proton, cannot be reach from other machines.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.src",
"8Base-CFME-5.11:ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.x86_64",
"8Base-CFME-5.11:python-bambou-0:3.0.1-2.el8cf.src",
"8Base-CFME-5.11:python-colorama-0:0.4.1-1.el8ost.src",
"8Base-CFME-5.11:python-daemon-0:2.1.2-9.el8ar.src",
"8Base-CFME-5.11:python-funcsigs-0:1.0.2-3.el8ost.src",
"8Base-CFME-5.11:python-future-0:0.16.0-1.el8cf.src",
"8Base-CFME-5.11:python-lockfile-1:0.11.0-8.el8ar.src",
"8Base-CFME-5.11:python-mock-0:2.0.0-11.el8ost.src",
"8Base-CFME-5.11:python-pbr-0:5.1.2-2.el8ost.src",
"8Base-CFME-5.11:python-pexpect-0:4.6-2.el8ar.src",
"8Base-CFME-5.11:python-psutil-0:5.4.3-5.el8ar.src",
"8Base-CFME-5.11:python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python-pylxca-0:2.1.1-2.el8cf.src",
"8Base-CFME-5.11:python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"8Base-CFME-5.11:python-tabulate-0:0.8.2-1.el8cf.src",
"8Base-CFME-5.11:python-vspk-0:5.3.2-2.el8cf.src",
"8Base-CFME-5.11:python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:python3-bambou-0:3.0.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-colorama-0:0.4.1-1.el8ost.noarch",
"8Base-CFME-5.11:python3-daemon-0:2.1.2-9.el8ar.noarch",
"8Base-CFME-5.11:python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"8Base-CFME-5.11:python3-future-0:0.16.0-1.el8cf.noarch",
"8Base-CFME-5.11:python3-lockfile-1:0.11.0-8.el8ar.noarch",
"8Base-CFME-5.11:python3-mock-0:2.0.0-11.el8ost.noarch",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-pbr-0:5.1.2-2.el8ost.noarch",
"8Base-CFME-5.11:python3-pexpect-0:4.6-2.el8ar.noarch",
"8Base-CFME-5.11:python3-psutil-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-pylxca-0:2.1.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"8Base-CFME-5.11:python3-tabulate-0:0.8.2-1.el8cf.noarch",
"8Base-CFME-5.11:python3-vspk-0:5.3.2-2.el8cf.noarch",
"8Base-CFME-5.11:qpid-proton-0:0.28.0-1.el8.src",
"8Base-CFME-5.11:qpid-proton-c-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"8Base-CFME-5.11:qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.src",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.src",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.src",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.src",
"8Base-CFME-5.11:v2v-conversion-host-0:1.14.2-1.el8ev.src",
"8Base-CFME-5.11:v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.src",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debugsource-0:1.3.14-8.el8cf.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-0223"
},
{
"category": "external",
"summary": "RHBZ#1702439",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1702439"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-0223",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0223"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0223",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0223"
},
{
"category": "external",
"summary": "https://qpid.apache.org/cves/CVE-2019-0223.html",
"url": "https://qpid.apache.org/cves/CVE-2019-0223.html"
}
],
"release_date": "2019-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-12-12T13:34:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nIf the postgresql service is running, it will be automatically restarted after installing this update. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.src",
"8Base-CFME-5.11:ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.x86_64",
"8Base-CFME-5.11:python-bambou-0:3.0.1-2.el8cf.src",
"8Base-CFME-5.11:python-colorama-0:0.4.1-1.el8ost.src",
"8Base-CFME-5.11:python-daemon-0:2.1.2-9.el8ar.src",
"8Base-CFME-5.11:python-funcsigs-0:1.0.2-3.el8ost.src",
"8Base-CFME-5.11:python-future-0:0.16.0-1.el8cf.src",
"8Base-CFME-5.11:python-lockfile-1:0.11.0-8.el8ar.src",
"8Base-CFME-5.11:python-mock-0:2.0.0-11.el8ost.src",
"8Base-CFME-5.11:python-pbr-0:5.1.2-2.el8ost.src",
"8Base-CFME-5.11:python-pexpect-0:4.6-2.el8ar.src",
"8Base-CFME-5.11:python-psutil-0:5.4.3-5.el8ar.src",
"8Base-CFME-5.11:python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python-pylxca-0:2.1.1-2.el8cf.src",
"8Base-CFME-5.11:python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"8Base-CFME-5.11:python-tabulate-0:0.8.2-1.el8cf.src",
"8Base-CFME-5.11:python-vspk-0:5.3.2-2.el8cf.src",
"8Base-CFME-5.11:python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:python3-bambou-0:3.0.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-colorama-0:0.4.1-1.el8ost.noarch",
"8Base-CFME-5.11:python3-daemon-0:2.1.2-9.el8ar.noarch",
"8Base-CFME-5.11:python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"8Base-CFME-5.11:python3-future-0:0.16.0-1.el8cf.noarch",
"8Base-CFME-5.11:python3-lockfile-1:0.11.0-8.el8ar.noarch",
"8Base-CFME-5.11:python3-mock-0:2.0.0-11.el8ost.noarch",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-pbr-0:5.1.2-2.el8ost.noarch",
"8Base-CFME-5.11:python3-pexpect-0:4.6-2.el8ar.noarch",
"8Base-CFME-5.11:python3-psutil-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-pylxca-0:2.1.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"8Base-CFME-5.11:python3-tabulate-0:0.8.2-1.el8cf.noarch",
"8Base-CFME-5.11:python3-vspk-0:5.3.2-2.el8cf.noarch",
"8Base-CFME-5.11:qpid-proton-0:0.28.0-1.el8.src",
"8Base-CFME-5.11:qpid-proton-c-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"8Base-CFME-5.11:qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.src",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.src",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.src",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.src",
"8Base-CFME-5.11:v2v-conversion-host-0:1.14.2-1.el8ev.src",
"8Base-CFME-5.11:v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.src",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debugsource-0:1.3.14-8.el8cf.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:4199"
},
{
"category": "workaround",
"details": "This attack will not work if client-certificate authentication is in place because anonymous ciphers would not then be available.\nAnother possible mitigation is to disable anonymous ciphers on clients.",
"product_ids": [
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.src",
"8Base-CFME-5.11:ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.x86_64",
"8Base-CFME-5.11:python-bambou-0:3.0.1-2.el8cf.src",
"8Base-CFME-5.11:python-colorama-0:0.4.1-1.el8ost.src",
"8Base-CFME-5.11:python-daemon-0:2.1.2-9.el8ar.src",
"8Base-CFME-5.11:python-funcsigs-0:1.0.2-3.el8ost.src",
"8Base-CFME-5.11:python-future-0:0.16.0-1.el8cf.src",
"8Base-CFME-5.11:python-lockfile-1:0.11.0-8.el8ar.src",
"8Base-CFME-5.11:python-mock-0:2.0.0-11.el8ost.src",
"8Base-CFME-5.11:python-pbr-0:5.1.2-2.el8ost.src",
"8Base-CFME-5.11:python-pexpect-0:4.6-2.el8ar.src",
"8Base-CFME-5.11:python-psutil-0:5.4.3-5.el8ar.src",
"8Base-CFME-5.11:python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python-pylxca-0:2.1.1-2.el8cf.src",
"8Base-CFME-5.11:python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"8Base-CFME-5.11:python-tabulate-0:0.8.2-1.el8cf.src",
"8Base-CFME-5.11:python-vspk-0:5.3.2-2.el8cf.src",
"8Base-CFME-5.11:python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:python3-bambou-0:3.0.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-colorama-0:0.4.1-1.el8ost.noarch",
"8Base-CFME-5.11:python3-daemon-0:2.1.2-9.el8ar.noarch",
"8Base-CFME-5.11:python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"8Base-CFME-5.11:python3-future-0:0.16.0-1.el8cf.noarch",
"8Base-CFME-5.11:python3-lockfile-1:0.11.0-8.el8ar.noarch",
"8Base-CFME-5.11:python3-mock-0:2.0.0-11.el8ost.noarch",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-pbr-0:5.1.2-2.el8ost.noarch",
"8Base-CFME-5.11:python3-pexpect-0:4.6-2.el8ar.noarch",
"8Base-CFME-5.11:python3-psutil-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-pylxca-0:2.1.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"8Base-CFME-5.11:python3-tabulate-0:0.8.2-1.el8cf.noarch",
"8Base-CFME-5.11:python3-vspk-0:5.3.2-2.el8cf.noarch",
"8Base-CFME-5.11:qpid-proton-0:0.28.0-1.el8.src",
"8Base-CFME-5.11:qpid-proton-c-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"8Base-CFME-5.11:qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.src",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.src",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.src",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.src",
"8Base-CFME-5.11:v2v-conversion-host-0:1.14.2-1.el8ev.src",
"8Base-CFME-5.11:v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.src",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debugsource-0:1.3.14-8.el8cf.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.src",
"8Base-CFME-5.11:ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.x86_64",
"8Base-CFME-5.11:python-bambou-0:3.0.1-2.el8cf.src",
"8Base-CFME-5.11:python-colorama-0:0.4.1-1.el8ost.src",
"8Base-CFME-5.11:python-daemon-0:2.1.2-9.el8ar.src",
"8Base-CFME-5.11:python-funcsigs-0:1.0.2-3.el8ost.src",
"8Base-CFME-5.11:python-future-0:0.16.0-1.el8cf.src",
"8Base-CFME-5.11:python-lockfile-1:0.11.0-8.el8ar.src",
"8Base-CFME-5.11:python-mock-0:2.0.0-11.el8ost.src",
"8Base-CFME-5.11:python-pbr-0:5.1.2-2.el8ost.src",
"8Base-CFME-5.11:python-pexpect-0:4.6-2.el8ar.src",
"8Base-CFME-5.11:python-psutil-0:5.4.3-5.el8ar.src",
"8Base-CFME-5.11:python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python-pylxca-0:2.1.1-2.el8cf.src",
"8Base-CFME-5.11:python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"8Base-CFME-5.11:python-tabulate-0:0.8.2-1.el8cf.src",
"8Base-CFME-5.11:python-vspk-0:5.3.2-2.el8cf.src",
"8Base-CFME-5.11:python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:python3-bambou-0:3.0.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-colorama-0:0.4.1-1.el8ost.noarch",
"8Base-CFME-5.11:python3-daemon-0:2.1.2-9.el8ar.noarch",
"8Base-CFME-5.11:python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"8Base-CFME-5.11:python3-future-0:0.16.0-1.el8cf.noarch",
"8Base-CFME-5.11:python3-lockfile-1:0.11.0-8.el8ar.noarch",
"8Base-CFME-5.11:python3-mock-0:2.0.0-11.el8ost.noarch",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-pbr-0:5.1.2-2.el8ost.noarch",
"8Base-CFME-5.11:python3-pexpect-0:4.6-2.el8ar.noarch",
"8Base-CFME-5.11:python3-psutil-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-pylxca-0:2.1.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"8Base-CFME-5.11:python3-tabulate-0:0.8.2-1.el8cf.noarch",
"8Base-CFME-5.11:python3-vspk-0:5.3.2-2.el8cf.noarch",
"8Base-CFME-5.11:qpid-proton-0:0.28.0-1.el8.src",
"8Base-CFME-5.11:qpid-proton-c-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"8Base-CFME-5.11:qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.src",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.src",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.src",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.src",
"8Base-CFME-5.11:v2v-conversion-host-0:1.14.2-1.el8ev.src",
"8Base-CFME-5.11:v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.src",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debugsource-0:1.3.14-8.el8cf.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "qpid-proton: TLS Man in the Middle Vulnerability"
}
]
}
rhba-2019_1076
Vulnerability from csaf_redhat
Published
2019-05-08 12:47
Modified
2024-11-13 22:06
Summary
Red Hat Bug Fix Advisory: ovirt-engine-api-explorer bug fix and enhancement update for RHV 4.3
Notes
Topic
Updated ovirt-engine-api-explorer packages that fix several bugs and add various enhancements are now available.
Details
The ovirt-engine-api-explorer package provides a web application for exploring the oVirt API documentation.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated ovirt-engine-api-explorer packages that fix several bugs and add various enhancements are now available.",
"title": "Topic"
},
{
"category": "general",
"text": "The ovirt-engine-api-explorer package provides a web application for exploring the oVirt API documentation.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2019:1076",
"url": "https://access.redhat.com/errata/RHBA-2019:1076"
},
{
"category": "external",
"summary": "1639272",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1639272"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhba-2019_1076.json"
}
],
"title": "Red Hat Bug Fix Advisory: ovirt-engine-api-explorer bug fix and enhancement update for RHV 4.3",
"tracking": {
"current_release_date": "2024-11-13T22:06:02+00:00",
"generator": {
"date": "2024-11-13T22:06:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHBA-2019:1076",
"initial_release_date": "2019-05-08T12:47:06+00:00",
"revision_history": [
{
"date": "2019-05-08T12:47:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-05-08T12:47:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-13T22:06:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHV-M 4.3",
"product": {
"name": "RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhev_manager:4.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src",
"product": {
"name": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src",
"product_id": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-api-explorer@0.0.4-1.el7ev?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"product": {
"name": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"product_id": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-api-explorer@0.0.4-1.el7ev?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch as a component of RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch"
},
"product_reference": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHV-S-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src as a component of RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
},
"product_reference": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src",
"relates_to_product_reference": "7Server-RHV-S-4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:47:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1076"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:47:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1076"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:47:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1076"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
}
]
}
rhsa-2020_4847
Vulnerability from csaf_redhat
Published
2020-11-04 01:39
Modified
2024-12-29 18:30
Summary
Red Hat Security Advisory: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update
Notes
Topic
An update for the pki-core:10.6 and pki-deps:10.6 modules is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.
Security Fix(es):
* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)
* pki: Dogtag's python client does not validate certificates (CVE-2020-15720)
* pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page (CVE-2019-10146)
* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab (CVE-2019-10179)
* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)
* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the pki-core:10.6 and pki-deps:10.6 modules is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.\n\nSecurity Fix(es):\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* jquery: Passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\n* pki: Dogtag\u0027s python client does not validate certificates (CVE-2020-15720)\n\n* pki-core: Reflected XSS in \u0027path length\u0027 constraint field in CA\u0027s Agent page (CVE-2019-10146)\n\n* pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA\u0027s DRM agent page in authorize recovery tab (CVE-2019-10179)\n\n* pki-core: Reflected XSS in getcookies?url= endpoint in CA (CVE-2019-10221)\n\n* pki-core: KRA vulnerable to reflected XSS via the getPk12 page (CVE-2020-1721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:4847",
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/"
},
{
"category": "external",
"summary": "1376706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1376706"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1406505",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406505"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1666907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666907"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1695901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695901"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1706521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1706521"
},
{
"category": "external",
"summary": "1710171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710171"
},
{
"category": "external",
"summary": "1721684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1721684"
},
{
"category": "external",
"summary": "1724433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1724433"
},
{
"category": "external",
"summary": "1732565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732565"
},
{
"category": "external",
"summary": "1732981",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732981"
},
{
"category": "external",
"summary": "1777579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1777579"
},
{
"category": "external",
"summary": "1805541",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805541"
},
{
"category": "external",
"summary": "1817247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817247"
},
{
"category": "external",
"summary": "1821851",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1821851"
},
{
"category": "external",
"summary": "1822246",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1822246"
},
{
"category": "external",
"summary": "1824939",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824939"
},
{
"category": "external",
"summary": "1824948",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824948"
},
{
"category": "external",
"summary": "1825998",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825998"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1842734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1842734"
},
{
"category": "external",
"summary": "1842736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1842736"
},
{
"category": "external",
"summary": "1843537",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843537"
},
{
"category": "external",
"summary": "1845447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845447"
},
{
"category": "external",
"summary": "1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "1854043",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854043"
},
{
"category": "external",
"summary": "1854959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854959"
},
{
"category": "external",
"summary": "1855273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1855273"
},
{
"category": "external",
"summary": "1855319",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1855319"
},
{
"category": "external",
"summary": "1856368",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856368"
},
{
"category": "external",
"summary": "1857933",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857933"
},
{
"category": "external",
"summary": "1861911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861911"
},
{
"category": "external",
"summary": "1869893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869893"
},
{
"category": "external",
"summary": "1871064",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1871064"
},
{
"category": "external",
"summary": "1873235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1873235"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4847.json"
}
],
"title": "Red Hat Security Advisory: pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-12-29T18:30:19+00:00",
"generator": {
"date": "2024-12-29T18:30:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.4"
}
},
"id": "RHSA-2020:4847",
"initial_release_date": "2020-11-04T01:39:43+00:00",
"revision_history": [
{
"date": "2020-11-04T01:39:43+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-11-04T01:39:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-29T18:30:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pki-deps:10.6:8030020200527165326:30b713e6",
"product": {
"name": "pki-deps:10.6:8030020200527165326:30b713e6",
"product_id": "pki-deps:10.6:8030020200527165326:30b713e6",
"product_identification_helper": {
"purl": "pkg:rpmmod/redhat/pki-deps@10.6:8030020200527165326:30b713e6"
}
}
},
{
"category": "product_version",
"name": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"product": {
"name": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"product_id": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-collections@3.2.2-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"product": {
"name": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"product_id": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-lang@2.6-21.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"product": {
"name": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"product_id": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-net@3.6-3.module%2Bel8.3.0%2B6805%2B72837426?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"product": {
"name": "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"product_id": "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bea-stax-api@1.2.0-16.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"product": {
"name": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"product_id": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-fastinfoset@1.2.13-9.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"product": {
"name": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"product_id": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb-api@2.2.12-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"product": {
"name": "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"product_id": "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb-core@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"product": {
"name": "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"product_id": "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb-runtime@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"product": {
"name": "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"product_id": "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb-txw2@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"product": {
"name": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"product_id": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-annotations@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"product": {
"name": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"product_id": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-core@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"product": {
"name": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"product_id": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-databind@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"product": {
"name": "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"product_id": "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-jaxrs-json-provider@2.9.9-1.module%2Bel8.1.0%2B3832%2B9784644d?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"product": {
"name": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"product_id": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-jaxrs-providers@2.9.9-1.module%2Bel8.1.0%2B3832%2B9784644d?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"product": {
"name": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"product_id": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-module-jaxb-annotations@2.7.6-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"product": {
"name": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"product_id": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jakarta-commons-httpclient@3.1-28.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"product": {
"name": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"product_id": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/javassist@3.18.1-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"product": {
"name": "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"product_id": "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/javassist-javadoc@3.18.1-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"product": {
"name": "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"product_id": "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-servlet-4.0-api@9.0.30-1.module%2Bel8.3.0%2B6730%2B8f9c6254?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"product": {
"name": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"product_id": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-servlet-engine@9.0.30-1.module%2Bel8.3.0%2B6730%2B8f9c6254?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"product": {
"name": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"product_id": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/relaxngDatatype@2011.1-7.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"product": {
"name": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"product_id": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/resteasy@3.0.26-3.module%2Bel8.2.0%2B5723%2B4574fbff?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"product": {
"name": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"product_id": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slf4j@1.7.25-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"product": {
"name": "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"product_id": "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slf4j-jdk14@1.7.25-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"product": {
"name": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"product_id": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stax-ex@1.7.7-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"product": {
"name": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"product_id": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/velocity@1.7-24.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"product": {
"name": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"product_id": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xalan-j2@2.7.1-38.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"product": {
"name": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"product_id": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xerces-j2@2.11.0-34.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"product": {
"name": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"product_id": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xml-commons-apis@1.4.01-25.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"product": {
"name": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"product_id": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xml-commons-resolver@1.2-26.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"product": {
"name": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"product_id": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xmlstreambuffer@1.5.4-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"product": {
"name": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"product_id": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xsom@0-19.20110809svn.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pki-core:10.6:8030020200911215836:5ff1562f",
"product": {
"name": "pki-core:10.6:8030020200911215836:5ff1562f",
"product_id": "pki-core:10.6:8030020200911215836:5ff1562f",
"product_identification_helper": {
"purl": "pkg:rpmmod/redhat/pki-core@10.6:8030020200911215836:5ff1562f"
}
}
},
{
"category": "product_version",
"name": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"product": {
"name": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"product_id": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ldapjdk@4.22.0-1.module%2Bel8.3.0%2B6784%2B6e1e4c62?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"product": {
"name": "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"product_id": "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ldapjdk-javadoc@4.22.0-1.module%2Bel8.3.0%2B6784%2B6e1e4c62?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"product": {
"name": "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"product_id": "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-base@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"product": {
"name": "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"product_id": "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-base-java@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"product": {
"name": "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"product_id": "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-ca@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"product": {
"name": "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"product_id": "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-kra@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"product": {
"name": "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"product_id": "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-server@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"product": {
"name": "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"product_id": "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pki@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"product": {
"name": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"product_id": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcatjss@7.5.0-1.module%2Bel8.3.0%2B7355%2Bc59bcbd9?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"product": {
"name": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"product_id": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-collections@3.2.2-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src"
}
}
},
{
"category": "product_version",
"name": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"product": {
"name": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"product_id": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-lang@2.6-21.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src"
}
}
},
{
"category": "product_version",
"name": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"product": {
"name": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"product_id": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apache-commons-net@3.6-3.module%2Bel8.3.0%2B6805%2B72837426?arch=src"
}
}
},
{
"category": "product_version",
"name": "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"product": {
"name": "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"product_id": "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bea-stax@1.2.0-16.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src"
}
}
},
{
"category": "product_version",
"name": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"product": {
"name": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"product_id": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-fastinfoset@1.2.13-9.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"product": {
"name": "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"product_id": "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb@2.2.11-11.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src"
}
}
},
{
"category": "product_version",
"name": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"product": {
"name": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"product_id": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/glassfish-jaxb-api@2.2.12-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src"
}
}
},
{
"category": "product_version",
"name": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"product": {
"name": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"product_id": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-annotations@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=src"
}
}
},
{
"category": "product_version",
"name": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"product": {
"name": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"product_id": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-core@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=src"
}
}
},
{
"category": "product_version",
"name": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"product": {
"name": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"product_id": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-databind@2.10.0-1.module%2Bel8.2.0%2B5059%2B3eb3af25?arch=src"
}
}
},
{
"category": "product_version",
"name": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"product": {
"name": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"product_id": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-jaxrs-providers@2.9.9-1.module%2Bel8.1.0%2B3832%2B9784644d?arch=src"
}
}
},
{
"category": "product_version",
"name": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"product": {
"name": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"product_id": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jackson-module-jaxb-annotations@2.7.6-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src"
}
}
},
{
"category": "product_version",
"name": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"product": {
"name": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"product_id": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jakarta-commons-httpclient@3.1-28.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"product": {
"name": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"product_id": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/javassist@3.18.1-8.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src"
}
}
},
{
"category": "product_version",
"name": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"product": {
"name": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"product_id": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-servlet-engine@9.0.30-1.module%2Bel8.3.0%2B6730%2B8f9c6254?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"product": {
"name": "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"product_id": "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src"
}
}
},
{
"category": "product_version",
"name": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"product": {
"name": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"product_id": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/relaxngDatatype@2011.1-7.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src"
}
}
},
{
"category": "product_version",
"name": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"product": {
"name": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"product_id": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/resteasy@3.0.26-3.module%2Bel8.2.0%2B5723%2B4574fbff?arch=src"
}
}
},
{
"category": "product_version",
"name": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"product": {
"name": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"product_id": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slf4j@1.7.25-4.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src"
}
}
},
{
"category": "product_version",
"name": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"product": {
"name": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"product_id": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/stax-ex@1.7.7-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=src"
}
}
},
{
"category": "product_version",
"name": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"product": {
"name": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"product_id": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/velocity@1.7-24.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src"
}
}
},
{
"category": "product_version",
"name": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"product": {
"name": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"product_id": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xalan-j2@2.7.1-38.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src"
}
}
},
{
"category": "product_version",
"name": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"product": {
"name": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"product_id": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xerces-j2@2.11.0-34.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src"
}
}
},
{
"category": "product_version",
"name": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"product": {
"name": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"product_id": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xml-commons-apis@1.4.01-25.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src"
}
}
},
{
"category": "product_version",
"name": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"product": {
"name": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"product_id": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xml-commons-resolver@1.2-26.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src"
}
}
},
{
"category": "product_version",
"name": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"product": {
"name": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"product_id": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xmlstreambuffer@1.5.4-8.module%2Bel8.2.0%2B5723%2B4574fbff?arch=src"
}
}
},
{
"category": "product_version",
"name": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src",
"product": {
"name": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src",
"product_id": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xsom@0-19.20110809svn.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=src"
}
}
},
{
"category": "product_version",
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"product": {
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"product_id": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=src"
}
}
},
{
"category": "product_version",
"name": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"product": {
"name": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"product_id": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ldapjdk@4.22.0-1.module%2Bel8.3.0%2B6784%2B6e1e4c62?arch=src"
}
}
},
{
"category": "product_version",
"name": "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"product": {
"name": "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"product_id": "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=src"
}
}
},
{
"category": "product_version",
"name": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"product": {
"name": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"product_id": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tomcatjss@7.5.0-1.module%2Bel8.3.0%2B7355%2Bc59bcbd9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"product": {
"name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"product_id": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"product": {
"name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"product_id": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"product": {
"name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"product_id": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"product": {
"name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"product_id": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product": {
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product_id": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product": {
"name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product_id": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product": {
"name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product_id": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product": {
"name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product_id": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product": {
"name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product_id": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product": {
"name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product_id": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product": {
"name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product_id": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product": {
"name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product_id": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product": {
"name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product_id": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product": {
"name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product_id": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"product": {
"name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"product_id": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"product": {
"name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"product_id": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"product": {
"name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"product_id": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"product": {
"name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"product_id": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"product": {
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"product_id": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"product": {
"name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"product_id": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"product": {
"name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"product_id": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"product": {
"name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"product_id": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"product": {
"name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"product_id": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"product": {
"name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"product_id": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"product": {
"name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"product_id": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"product": {
"name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"product_id": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"product": {
"name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"product_id": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"product": {
"name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"product_id": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"product": {
"name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"product_id": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"product": {
"name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"product_id": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"product": {
"name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"product_id": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"product": {
"name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"product_id": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product": {
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product_id": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product": {
"name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product_id": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product": {
"name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product_id": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product": {
"name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product_id": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product": {
"name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product_id": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product": {
"name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product_id": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product": {
"name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product_id": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product": {
"name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product_id": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product": {
"name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product_id": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product": {
"name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product_id": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"product": {
"name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"product_id": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-debugsource@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"product": {
"name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"product_id": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-nss-doc@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"product": {
"name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"product_id": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"product": {
"name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"product_id": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-nss-debuginfo@1.0.1-10.module%2Bel8.1.0%2B3366%2B6dfb954c?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product": {
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product_id": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product": {
"name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product_id": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debuginfo@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product": {
"name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product_id": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-debugsource@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product": {
"name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product_id": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jss-javadoc@4.7.3-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product": {
"name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product_id": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product": {
"name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product_id": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-core-debugsource@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product": {
"name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product_id": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product": {
"name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product_id": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-symkey-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product": {
"name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product_id": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product": {
"name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product_id": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pki-tools-debuginfo@10.9.4-1.module%2Bel8.3.0%2B8058%2Bd5cd4219?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
"product_reference": "pki-core:10.6:8030020200911215836:5ff1562f",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64"
},
"product_reference": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le"
},
"product_reference": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x"
},
"product_reference": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src"
},
"product_reference": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64"
},
"product_reference": "jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64"
},
"product_reference": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le"
},
"product_reference": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x"
},
"product_reference": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64"
},
"product_reference": "jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64"
},
"product_reference": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le"
},
"product_reference": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x"
},
"product_reference": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64"
},
"product_reference": "jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64"
},
"product_reference": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le"
},
"product_reference": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x"
},
"product_reference": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64"
},
"product_reference": "jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch"
},
"product_reference": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src"
},
"product_reference": "ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch"
},
"product_reference": "ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch"
},
"product_reference": "pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch"
},
"product_reference": "pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch"
},
"product_reference": "pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src"
},
"product_reference": "pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64"
},
"product_reference": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le"
},
"product_reference": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x"
},
"product_reference": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64"
},
"product_reference": "pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64"
},
"product_reference": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le"
},
"product_reference": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x"
},
"product_reference": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64"
},
"product_reference": "pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch"
},
"product_reference": "pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch"
},
"product_reference": "pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64"
},
"product_reference": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le"
},
"product_reference": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x"
},
"product_reference": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64"
},
"product_reference": "pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64"
},
"product_reference": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le"
},
"product_reference": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x"
},
"product_reference": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64"
},
"product_reference": "pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64"
},
"product_reference": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le"
},
"product_reference": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x"
},
"product_reference": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64"
},
"product_reference": "pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64"
},
"product_reference": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le"
},
"product_reference": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x"
},
"product_reference": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64 as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64"
},
"product_reference": "pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch"
},
"product_reference": "python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch"
},
"product_reference": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src as a component of pki-core:10.6:8030020200911215836:5ff1562f as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src"
},
"product_reference": "tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
"product_reference": "pki-deps:10.6:8030020200527165326:30b713e6",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch"
},
"product_reference": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src"
},
"product_reference": "apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch"
},
"product_reference": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src"
},
"product_reference": "apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch"
},
"product_reference": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src"
},
"product_reference": "apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src"
},
"product_reference": "bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch"
},
"product_reference": "bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch"
},
"product_reference": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src"
},
"product_reference": "glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src"
},
"product_reference": "glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch"
},
"product_reference": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src"
},
"product_reference": "glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch"
},
"product_reference": "glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch"
},
"product_reference": "glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch"
},
"product_reference": "glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch"
},
"product_reference": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src"
},
"product_reference": "jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch"
},
"product_reference": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src"
},
"product_reference": "jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch"
},
"product_reference": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src"
},
"product_reference": "jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch"
},
"product_reference": "jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch"
},
"product_reference": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src"
},
"product_reference": "jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch"
},
"product_reference": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src"
},
"product_reference": "jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch"
},
"product_reference": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src"
},
"product_reference": "jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch"
},
"product_reference": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src"
},
"product_reference": "javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch"
},
"product_reference": "javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch"
},
"product_reference": "pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch"
},
"product_reference": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src"
},
"product_reference": "pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src"
},
"product_reference": "python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64"
},
"product_reference": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le"
},
"product_reference": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x"
},
"product_reference": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64"
},
"product_reference": "python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64"
},
"product_reference": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le"
},
"product_reference": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x"
},
"product_reference": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64"
},
"product_reference": "python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64"
},
"product_reference": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le"
},
"product_reference": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x"
},
"product_reference": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64"
},
"product_reference": "python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64"
},
"product_reference": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le"
},
"product_reference": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x"
},
"product_reference": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64 as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64"
},
"product_reference": "python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch"
},
"product_reference": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src"
},
"product_reference": "relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch"
},
"product_reference": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src"
},
"product_reference": "resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch"
},
"product_reference": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src"
},
"product_reference": "slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch"
},
"product_reference": "slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch"
},
"product_reference": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src"
},
"product_reference": "stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch"
},
"product_reference": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src"
},
"product_reference": "velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch"
},
"product_reference": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src"
},
"product_reference": "xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch"
},
"product_reference": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src"
},
"product_reference": "xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch"
},
"product_reference": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src"
},
"product_reference": "xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch"
},
"product_reference": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src"
},
"product_reference": "xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch"
},
"product_reference": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src"
},
"product_reference": "xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch"
},
"product_reference": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src as a component of pki-deps:10.6:8030020200527165326:30b713e6 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
},
"product_reference": "xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"acknowledgments": [
{
"names": [
"Pritam Singh"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-10146",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1710171"
}
],
"notes": [
{
"category": "description",
"text": "A Reflected Cross Site Scripting flaw was found in the pki-ca module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim\u0027s browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki-core: Reflected XSS in \u0027path length\u0027 constraint field in CA\u0027s Agent page",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is considered Low, because it requires the attacker to first request or predict a valid nonce. Without a valid nonce, no arbitrary HTML will be sent back to the victim\u0027s browser.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10146"
},
{
"category": "external",
"summary": "RHBZ#1710171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10146",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10146"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10146",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10146"
}
],
"release_date": "2020-02-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pki-core: Reflected XSS in \u0027path length\u0027 constraint field in CA\u0027s Agent page"
},
{
"acknowledgments": [
{
"names": [
"Pritam Singh"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-10179",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-04-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1695901"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA\u0027s DRM agent page in authorize recovery tab",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10179"
},
{
"category": "external",
"summary": "RHBZ#1695901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695901"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10179",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10179"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10179",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10179"
}
],
"release_date": "2020-02-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA\u0027s DRM agent page in authorize recovery tab"
},
{
"acknowledgments": [
{
"names": [
"Pritam Singh"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-10221",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-07-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1732565"
}
],
"notes": [
{
"category": "description",
"text": "A Reflected Cross Site Scripting vulnerability was found in the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki-core: Reflected XSS in getcookies?url= endpoint in CA",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10221"
},
{
"category": "external",
"summary": "RHBZ#1732565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732565"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10221",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10221"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10221",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10221"
}
],
"release_date": "2020-02-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pki-core: Reflected XSS in getcookies?url= endpoint in CA"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"acknowledgments": [
{
"names": [
"Pritam Singh"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-1721",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-11-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1777579"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Key Recovery Authority (KRA) Agent Service where it did not properly sanitize the recovery ID during a key recovery request, enabling a Reflected Cross-Site Scripting (XSS) vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki-core: KRA vulnerable to reflected XSS via the getPk12 page",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low : the web UI uses client TLS authentication, therefore stealing session cookies will not be sufficient for unauthorized access. The vulnerable page itself does not contain secrets.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1721"
},
{
"category": "external",
"summary": "RHBZ#1777579",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1777579"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1721",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1721"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1721",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1721"
}
],
"release_date": "2020-02-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "pki-core: KRA vulnerable to reflected XSS via the getPk12 page"
},
{
"acknowledgments": [
{
"names": [
"@ZeddYu"
],
"organization": "Apache Tomcat Security Team"
}
],
"cve": "CVE-2020-1935",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-12-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1806835"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Tomcat. The HTTP header parsing code used an approach to end-of-line (EOL) parsing that allowed some invalid HTTP headers to be parsed as valid. This led to the possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. The highest threat with this vulnerability is system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenDaylight in Red Hat OpenStack 10 \u0026 13 was in technical preview status, because of this no fixes will be released for it.\n\nIn Red Hat Satellite 6, Candlepin is using Tomcat to provide a REST API, and has been found to be vulnerable to the flaw. However, it is currently believed that no useful attacks can be carried over.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1935"
},
{
"category": "external",
"summary": "RHBZ#1806835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806835"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1935",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1935"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1935",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1935"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31",
"url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31"
}
],
"release_date": "2020-02-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
},
{
"category": "workaround",
"details": "Workaround for Red Hat Satellite 6 is to add iptables rule to deny TCP requests of Tomcat that are not originating from the Satellite.\n\nFor other Red Hat products, either mitigation isn\u0027t available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling"
},
{
"cve": "CVE-2020-1938",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2020-02-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1806398"
}
],
"notes": [
{
"category": "description",
"text": "CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution (RCE).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251 and CVE page https://access.redhat.com/security/cve/cve-2020-1745",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1938"
},
{
"category": "external",
"summary": "RHBZ#1806398",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806398"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1938",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1938"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1938"
},
{
"category": "external",
"summary": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/",
"url": "https://meterpreter.org/cve-2020-1938-apache-tomcat-ajp-connector-remote-code-execution-vulnerability-alert/"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.100"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.51"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31",
"url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.31"
},
{
"category": "external",
"summary": "https://www.cnvd.org.cn/webinfo/show/5415",
"url": "https://www.cnvd.org.cn/webinfo/show/5415"
},
{
"category": "external",
"summary": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487",
"url": "https://www.tenable.com/blog/cve-2020-1938-ghostcat-apache-tomcat-ajp-file-readinclusion-vulnerability-cnvd-2020-10487"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
},
{
"category": "workaround",
"details": "Please refer to the Red Hat knowledgebase article: https://access.redhat.com/solutions/4851251",
"product_ids": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2022-03-03T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"acknowledgments": [
{
"names": [
"Christian Heimes"
]
}
],
"cve": "CVE-2020-15720",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1855273"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in PKI, where the dogtag\u0027s pki.client.PKIConnection class disables the python-requests certificate validation. This flaw allows an attacker to intercept a connection between a FreeIPA client and a server, and execute an active Man-in-the-Middle attack. The highest threat from this vulnerability is to confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki: Dogtag\u0027s python client does not validate certificates",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In PKI, the pki.client.PKIConnection python class is used by the `pki-server` and `pkispawn` commands. `pki-server` runs locally on the server, thus not subject to a Person in the Middle attack. `pkispawn` may access remote node in decentralized or cloned contexts.\n\nIdentity Management (IPA) command line interface (the vault related sub-commands) may call pki.client.PKIConnection().",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15720"
},
{
"category": "external",
"summary": "RHBZ#1855273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1855273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15720",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15720"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15720",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15720"
}
],
"release_date": "2020-06-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "pki: Dogtag\u0027s python client does not validate certificates"
},
{
"cve": "CVE-2020-25715",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-10-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1891016"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in pki-core. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting (XSS) attack to inject code into the search query form which can get automatically executed. The highest threat from this vulnerability is to data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pki-core: XSS in the certificate search results",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux 8.3 (pki-core 10.9.4) contains mitigations that prevents the vulnerability to be exploited. Red Hat Enterprise Linux version 8 prior to 8.3 are vulnerable to this version",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25715"
},
{
"category": "external",
"summary": "RHBZ#1891016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891016"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25715",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25715"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25715",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25715"
}
],
"release_date": "2021-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
},
{
"category": "workaround",
"details": "Because the cross-site scripting (XSS) attack requires the victim to have their RHCS certificate installed in their web browser to be successful, it is recommended that web browser not hold the keys and that the user use the command line interface (CLI) instead.",
"product_ids": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "pki-core: XSS in the certificate search results"
},
{
"cve": "CVE-2022-25762",
"cwe": {
"id": "CWE-226",
"name": "Sensitive Information in Resource Not Removed Before Reuse"
},
"discovery_date": "2022-05-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2085304"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the tomcat package. When a web application sends a WebSocket message concurrently with the WebSocket connection closing, the application may continue to use the socket after it has been closed. In this case, the error handling triggered could cause the pooled object to be placed in the pool twice. This issue results in subsequent connections using the same object concurrently, which causes data to be potentially returned to the wrong user or application stability issues.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: request mixup",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects Apache Tomcat 8.5.0 to 8.5.75 or Apache Tomcat 9.0.0.M1 to 9.0.20.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25762"
},
{
"category": "external",
"summary": "RHBZ#2085304",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2085304"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25762",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25762"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25762",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25762"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.76",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.76"
}
],
"release_date": "2022-05-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:39:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debuginfo-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-debugsource-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:jss-javadoc-0:4.7.3-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:ldapjdk-javadoc-0:4.22.0-1.module+el8.3.0+6784+6e1e4c62.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-base-java-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-ca-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.src",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-core-debugsource-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-kra-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-server-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-symkey-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.aarch64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.ppc64le",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.s390x",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:pki-tools-debuginfo-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.x86_64",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:python3-pki-0:10.9.4-1.module+el8.3.0+8058+d5cd4219.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.noarch",
"AppStream-8.3.0.GA:pki-core:10.6:8030020200911215836:5ff1562f:tomcatjss-0:7.5.0-1.module+el8.3.0+7355+c59bcbd9.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-collections-0:3.2.2-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-lang-0:2.6-21.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:apache-commons-net-0:3.6-3.module+el8.3.0+6805+72837426.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:bea-stax-api-0:1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-fastinfoset-0:1.2.13-9.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-api-0:2.2.12-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-core-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-runtime-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:glassfish-jaxb-txw2-0:2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-annotations-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-core-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-databind-0:2.10.0-1.module+el8.2.0+5059+3eb3af25.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-json-provider-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-jaxrs-providers-0:2.9.9-1.module+el8.1.0+3832+9784644d.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jackson-module-jaxb-annotations-0:2.7.6-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:jakarta-commons-httpclient-1:3.1-28.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:javassist-javadoc-0:3.18.1-8.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-4.0-api-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:pki-servlet-engine-1:9.0.30-1.module+el8.3.0+6730+8f9c6254.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-debugsource-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python-nss-doc-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.aarch64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.ppc64le",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.s390x",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:python3-nss-debuginfo-0:1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:relaxngDatatype-0:2011.1-7.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:resteasy-0:3.0.26-3.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:slf4j-jdk14-0:1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:stax-ex-0:1.7.7-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:velocity-0:1.7-24.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xalan-j2-0:2.7.1-38.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xerces-j2-0:2.11.0-34.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-apis-0:1.4.01-25.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xml-commons-resolver-0:1.2-26.module+el8.1.0+3366+6dfb954c.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xmlstreambuffer-0:1.5.4-8.module+el8.2.0+5723+4574fbff.src",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch",
"AppStream-8.3.0.GA:pki-deps:10.6:8030020200527165326:30b713e6:xsom-0:0-19.20110809svn.module+el8.1.0+3366+6dfb954c.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: request mixup"
}
]
}
RHSA-2020:0133
Vulnerability from csaf_redhat
Published
2020-01-16 16:02
Modified
2025-10-10 01:34
Summary
Red Hat Security Advisory: Red Hat Decision Manager 7.6.0 Security Update
Notes
Topic
An update is now available for Red Hat Decision Manager.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation (DMN) execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business.
This release of Red Hat Decision Manager 7.6.0 serves as an update to Red Hat Decision Manager 7.5.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* Business-central: Encrypted password shown under Object id 7 of errai_security_context (CVE-2019-14886)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Decision Manager.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model \u0026 Notation (DMN) execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. \n\nThis release of Red Hat Decision Manager 7.6.0 serves as an update to Red Hat Decision Manager 7.5.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* Business-central: Encrypted password shown under Object id 7 of errai_security_context (CVE-2019-14886)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:0133",
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=rhdm\u0026version=7.6.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=rhdm\u0026version=7.6.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_decision_manager/7.6/html/release_notes_for_red_hat_decision_manager_7.6/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_decision_manager/7.6/html/release_notes_for_red_hat_decision_manager_7.6/index"
},
{
"category": "external",
"summary": "1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1771354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771354"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0133.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Decision Manager 7.6.0 Security Update",
"tracking": {
"current_release_date": "2025-10-10T01:34:08+00:00",
"generator": {
"date": "2025-10-10T01:34:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2020:0133",
"initial_release_date": "2020-01-16T16:02:45+00:00",
"revision_history": [
{
"date": "2020-01-16T16:02:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-01-16T16:02:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-10T01:34:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Decision Manager 7",
"product": {
"name": "Red Hat Decision Manager 7",
"product_id": "Red Hat Decision Manager 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:7.6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Decision Manager"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Decision Manager 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-16T16:02:45+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Decision Manager 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Decision Manager 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Decision Manager 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-16T16:02:45+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Decision Manager 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Decision Manager 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Decision Manager 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-16T16:02:45+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Decision Manager 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Decision Manager 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-14886",
"cwe": {
"id": "CWE-312",
"name": "Cleartext Storage of Sensitive Information"
},
"discovery_date": "2019-11-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1771354"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in business-central where encoded passwords are stored in errai_security_context. The encoding used for storing the passwords is Base64, not an encryption algorithm, and any recovery of these passwords could lead to user passwords being exposed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Business-central: Encrypted password shown under Object id 7 of errai_security_context",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Decision Manager 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14886"
},
{
"category": "external",
"summary": "RHBZ#1771354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771354"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14886",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14886"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14886",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14886"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/?utm_medium=email\u0026utm_source=footer#!msg/jbpm-usage/74pSuwfGKRU/0oXpmRScBQAJ",
"url": "https://groups.google.com/forum/?utm_medium=email\u0026utm_source=footer#!msg/jbpm-usage/74pSuwfGKRU/0oXpmRScBQAJ"
}
],
"release_date": "2019-09-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-16T16:02:45+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Decision Manager 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Decision Manager 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Business-central: Encrypted password shown under Object id 7 of errai_security_context"
}
]
}
rhsa-2019:1456
Vulnerability from csaf_redhat
Published
2019-06-11 15:32
Modified
2025-10-10 02:11
Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.3.2 security update
Notes
Topic
A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.3.2 serves as a replacement for Red Hat Single Sign-On 7.3.1, and includes bug fixes and enhancements, which are documented in the Release Notes document.
Security Fix(es):
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)
* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)
* picketlink: reflected XSS in SAMLRequest via RelayState parameter (CVE-2019-3872)
* picketlink: URL injection via xinclude parameter (CVE-2019-3873)
* keycloak: X.509 authentication: CRL signatures are not verified (CVE-2019-3875)
* undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed (CVE-2019-3888)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* keycloak: Node.js adapter internal NBF can be manipulated (CVE-2019-10157)
* js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.2 serves as a replacement for Red Hat Single Sign-On 7.3.1, and includes bug fixes and enhancements, which are documented in the Release Notes document.\n\nSecurity Fix(es):\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)\n\n* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)\n\n* picketlink: reflected XSS in SAMLRequest via RelayState parameter (CVE-2019-3872)\n\n* picketlink: URL injection via xinclude parameter (CVE-2019-3873)\n\n* keycloak: X.509 authentication: CRL signatures are not verified (CVE-2019-3875)\n\n* undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed (CVE-2019-3888)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* keycloak: Node.js adapter internal NBF can be manipulated (CVE-2019-10157)\n\n* js-jquery: prototype pollution in object\u0027s prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:1456",
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso\u0026downloadType=securityPatches\u0026version=7.3",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.rhsso\u0026downloadType=securityPatches\u0026version=7.3"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/"
},
{
"category": "external",
"summary": "1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1688966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1688966"
},
{
"category": "external",
"summary": "1689014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1689014"
},
{
"category": "external",
"summary": "1690628",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690628"
},
{
"category": "external",
"summary": "1693777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1693777"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1702953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1702953"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_1456.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.3.2 security update",
"tracking": {
"current_release_date": "2025-10-10T02:11:39+00:00",
"generator": {
"date": "2025-10-10T02:11:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2019:1456",
"initial_release_date": "2019-06-11T15:32:12+00:00",
"revision_history": [
{
"date": "2019-06-11T15:32:12+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-06-11T15:32:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-10T02:11:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Single Sign-On 7.3.2 zip",
"product": {
"name": "Red Hat Single Sign-On 7.3.2 zip",
"product_id": "Red Hat Single Sign-On 7.3.2 zip",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_single_sign_on:7.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Single Sign-On"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-14041",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14041"
},
{
"category": "external",
"summary": "RHBZ#1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-3872",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1688966"
}
],
"notes": [
{
"category": "description",
"text": "It was found that a SAMLRequest containing a script could be processed by Picketlink versions shipped in Jboss Application Platform 7.2.x and 7.1.x. An attacker could use this to send a malicious script to achieve cross-site scripting and obtain unauthorized information or conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "picketlink: reflected XSS in SAMLRequest via RelayState parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3872"
},
{
"category": "external",
"summary": "RHBZ#1688966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1688966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3872",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3872"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3872",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3872"
}
],
"release_date": "2019-06-10T15:16:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "picketlink: reflected XSS in SAMLRequest via RelayState parameter"
},
{
"cve": "CVE-2019-3873",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1689014"
}
],
"notes": [
{
"category": "description",
"text": "It was found that Picketlink as shipped with Jboss Enterprise Application Platform 7.2 would accept an xinclude parameter in SAMLresponse XML. An attacker could use this flaw to send a URL to achieve cross-site scripting or possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "picketlink: URL injection via xinclude parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3873"
},
{
"category": "external",
"summary": "RHBZ#1689014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1689014"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3873",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3873"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3873",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3873"
}
],
"release_date": "2019-06-10T15:16:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "picketlink: URL injection via xinclude parameter"
},
{
"acknowledgments": [
{
"names": [
"Marek Posolda"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-3875",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2019-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1690628"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in keycloak before 6.0.2. The X.509 authenticator supports the verification of client certificates through the CRL, where the CRL list can be obtained from the URL provided in the certificate itself (CDP) or through the separately configured path. The CRL are often available over the network through unsecured protocols (\u0027http\u0027 or \u0027ldap\u0027) and hence the caller should verify the signature and possibly the certification path. Keycloak currently doesn\u0027t validate signatures on CRL, which can result in a possibility of various attacks like man-in-the-middle.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: missing signatures validation on CRL used to verify client certificates",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3875"
},
{
"category": "external",
"summary": "RHBZ#1690628",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690628"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3875",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3875"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3875",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3875"
}
],
"release_date": "2019-06-11T14:22:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: missing signatures validation on CRL used to verify client certificates"
},
{
"acknowledgments": [
{
"names": [
"Carter Kozak"
]
}
],
"cve": "CVE-2019-3888",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"discovery_date": "2019-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1693777"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUEST_LOGGER.undertowRequestFailed(t, exchange)",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3888"
},
{
"category": "external",
"summary": "RHBZ#1693777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1693777"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3888",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3888"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3888",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3888"
}
],
"release_date": "2019-06-10T15:13:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-10157",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"discovery_date": "2019-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1702953"
}
],
"notes": [
{
"category": "description",
"text": "It was found that Keycloak\u0027s Node.js adapter did not properly verify the web token received from the server in its backchannel logout. An attacker with local access could use this to construct a malicious web token setting an NBF parameter that could prevent user access indefinitely.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: Node.js adapter internal NBF can be manipulated leading to DoS.",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10157"
},
{
"category": "external",
"summary": "RHBZ#1702953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1702953"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10157",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10157"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10157",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10157"
}
],
"release_date": "2019-06-11T14:23:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "keycloak: Node.js adapter internal NBF can be manipulated leading to DoS."
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.2 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-11T15:32:12+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.2 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.2 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
}
]
}
rhsa-2020:3936
Vulnerability from csaf_redhat
Published
2020-09-29 21:12
Modified
2025-10-13 04:53
Summary
Red Hat Security Advisory: ipa security, bug fix, and enhancement update
Notes
Topic
An update for ipa is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.
The following packages have been upgraded to a later upstream version: ipa (4.6.8). (BZ#1819725)
Security Fix(es):
* js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip. (CVE-2018-14042)
* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* ipa: No password length restriction leads to denial of service (CVE-2020-1722)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ipa is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.\n\nThe following packages have been upgraded to a later upstream version: ipa (4.6.8). (BZ#1819725)\n\nSecurity Fix(es):\n\n* js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip. (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* js-jquery: prototype pollution in object\u0027s prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* ipa: No password length restriction leads to denial of service (CVE-2020-1722)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3936",
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1404770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404770"
},
{
"category": "external",
"summary": "1545755",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1545755"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1754902",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1754902"
},
{
"category": "external",
"summary": "1755535",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755535"
},
{
"category": "external",
"summary": "1756568",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1756568"
},
{
"category": "external",
"summary": "1758406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758406"
},
{
"category": "external",
"summary": "1769791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1769791"
},
{
"category": "external",
"summary": "1771356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771356"
},
{
"category": "external",
"summary": "1780548",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1780548"
},
{
"category": "external",
"summary": "1782587",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782587"
},
{
"category": "external",
"summary": "1788718",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788718"
},
{
"category": "external",
"summary": "1788907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788907"
},
{
"category": "external",
"summary": "1793071",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793071"
},
{
"category": "external",
"summary": "1795890",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1795890"
},
{
"category": "external",
"summary": "1801791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801791"
},
{
"category": "external",
"summary": "1817886",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817886"
},
{
"category": "external",
"summary": "1817918",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817918"
},
{
"category": "external",
"summary": "1817919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817919"
},
{
"category": "external",
"summary": "1817922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817922"
},
{
"category": "external",
"summary": "1817923",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817923"
},
{
"category": "external",
"summary": "1817927",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817927"
},
{
"category": "external",
"summary": "1819725",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819725"
},
{
"category": "external",
"summary": "1825829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825829"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1829787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1829787"
},
{
"category": "external",
"summary": "1834385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834385"
},
{
"category": "external",
"summary": "1842950",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1842950"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3936.json"
}
],
"title": "Red Hat Security Advisory: ipa security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2025-10-13T04:53:19+00:00",
"generator": {
"date": "2025-10-13T04:53:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2020:3936",
"initial_release_date": "2020-09-29T21:12:26+00:00",
"revision_history": [
{
"date": "2020-09-29T21:12:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-09-29T21:12:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-13T04:53:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "ipa-0:4.6.8-5.el7.src",
"product": {
"name": "ipa-0:4.6.8-5.el7.src",
"product_id": "ipa-0:4.6.8-5.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa@4.6.8-5.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ipa-client-0:4.6.8-5.el7.x86_64",
"product": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64",
"product_id": "ipa-client-0:4.6.8-5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.6.8-5.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"product": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"product_id": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.6.8-5.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-server-0:4.6.8-5.el7.x86_64",
"product": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64",
"product_id": "ipa-server-0:4.6.8-5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server@4.6.8-5.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"product": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"product_id": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad@4.6.8-5.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ipa-client-common-0:4.6.8-5.el7.noarch",
"product": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch",
"product_id": "ipa-client-common-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-common@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-common-0:4.6.8-5.el7.noarch",
"product": {
"name": "ipa-common-0:4.6.8-5.el7.noarch",
"product_id": "ipa-common-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-common@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"product": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"product_id": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-python-compat@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"product": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"product_id": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python2-ipaclient@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python2-ipalib-0:4.6.8-5.el7.noarch",
"product": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch",
"product_id": "python2-ipalib-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python2-ipalib@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-server-common-0:4.6.8-5.el7.noarch",
"product": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch",
"product_id": "ipa-server-common-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-common@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"product": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"product_id": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-dns@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"product": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"product_id": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python2-ipaserver@4.6.8-5.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "ipa-client-0:4.6.8-5.el7.s390x",
"product": {
"name": "ipa-client-0:4.6.8-5.el7.s390x",
"product_id": "ipa-client-0:4.6.8-5.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.6.8-5.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"product": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"product_id": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.6.8-5.el7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ipa-client-0:4.6.8-5.el7.ppc64",
"product": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64",
"product_id": "ipa-client-0:4.6.8-5.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.6.8-5.el7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"product": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"product_id": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.6.8-5.el7?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "ipa-client-0:4.6.8-5.el7.ppc64le",
"product": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le",
"product_id": "ipa-client-0:4.6.8-5.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.6.8-5.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"product": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"product_id": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.6.8-5.el7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.6.8-5.el7.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-0:4.6.8-5.el7.src"
},
"product_reference": "ipa-0:4.6.8-5.el7.src",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-client-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipalib-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.6.8-5.el7.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-0:4.6.8-5.el7.src"
},
"product_reference": "ipa-0:4.6.8-5.el7.src",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-client-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipalib-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.6.8-5.el7.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src"
},
"product_reference": "ipa-0:4.6.8-5.el7.src",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-client-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipalib-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.6.8-5.el7.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src"
},
"product_reference": "ipa-0:4.6.8-5.el7.src",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-client-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipalib-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.6.8-5.el7.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-0:4.6.8-5.el7.src"
},
"product_reference": "ipa-0:4.6.8-5.el7.src",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-client-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipalib-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.6.8-5.el7.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-0:4.6.8-5.el7.src"
},
"product_reference": "ipa-0:4.6.8-5.el7.src",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-client-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipalib-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"acknowledgments": [
{
"names": [
"Pritam Singh"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-1722",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1793071"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in IPA. When sending a very long password (\u003e= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading to a denial of service and the website becoming unresponsive. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ipa: No password length restriction leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1722"
},
{
"category": "external",
"summary": "RHBZ#1793071",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793071"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1722",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1722"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1722",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1722"
}
],
"release_date": "2020-04-14T04:26:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "ipa: No password length restriction leads to denial of service"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
}
]
}
rhsa-2023:0556
Vulnerability from csaf_redhat
Published
2023-01-31 13:18
Modified
2025-10-13 04:53
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jquery: Prototype pollution in object's prototype leading to denial of
service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* jquery: Untrusted code execution via <option> tag in HTML passed to DOM
manipulation methods (CVE-2020-11023)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of
Service attacks (CVE-2022-40152)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of
tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* nodejs-moment: Regular expression denial of service (CVE-2017-18214)
* wildfly-elytron: possible timing attacks via use of unsafe comparator (CVE-2022-3143)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of\nservice, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM\nmanipulation methods (CVE-2020-11023)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)\n\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of\nService attacks (CVE-2022-40152)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of\ntooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* nodejs-moment: Regular expression denial of service (CVE-2017-18214)\n\n* wildfly-elytron: possible timing attacks via use of unsafe comparator (CVE-2022-3143)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0556",
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
},
{
"category": "external",
"summary": "JBEAP-24081",
"url": "https://issues.redhat.com/browse/JBEAP-24081"
},
{
"category": "external",
"summary": "JBEAP-24095",
"url": "https://issues.redhat.com/browse/JBEAP-24095"
},
{
"category": "external",
"summary": "JBEAP-24100",
"url": "https://issues.redhat.com/browse/JBEAP-24100"
},
{
"category": "external",
"summary": "JBEAP-24127",
"url": "https://issues.redhat.com/browse/JBEAP-24127"
},
{
"category": "external",
"summary": "JBEAP-24128",
"url": "https://issues.redhat.com/browse/JBEAP-24128"
},
{
"category": "external",
"summary": "JBEAP-24132",
"url": "https://issues.redhat.com/browse/JBEAP-24132"
},
{
"category": "external",
"summary": "JBEAP-24147",
"url": "https://issues.redhat.com/browse/JBEAP-24147"
},
{
"category": "external",
"summary": "JBEAP-24167",
"url": "https://issues.redhat.com/browse/JBEAP-24167"
},
{
"category": "external",
"summary": "JBEAP-24191",
"url": "https://issues.redhat.com/browse/JBEAP-24191"
},
{
"category": "external",
"summary": "JBEAP-24195",
"url": "https://issues.redhat.com/browse/JBEAP-24195"
},
{
"category": "external",
"summary": "JBEAP-24207",
"url": "https://issues.redhat.com/browse/JBEAP-24207"
},
{
"category": "external",
"summary": "JBEAP-24248",
"url": "https://issues.redhat.com/browse/JBEAP-24248"
},
{
"category": "external",
"summary": "JBEAP-24426",
"url": "https://issues.redhat.com/browse/JBEAP-24426"
},
{
"category": "external",
"summary": "JBEAP-24427",
"url": "https://issues.redhat.com/browse/JBEAP-24427"
},
{
"category": "external",
"summary": "JBEAP-23865",
"url": "https://issues.redhat.com/browse/JBEAP-23865"
},
{
"category": "external",
"summary": "JBEAP-23866",
"url": "https://issues.redhat.com/browse/JBEAP-23866"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=appplatform\u0026version=7.4"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "JBEAP-24055",
"url": "https://issues.redhat.com/browse/JBEAP-24055"
},
{
"category": "external",
"summary": "JBEAP-23864",
"url": "https://issues.redhat.com/browse/JBEAP-23864"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0556.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update",
"tracking": {
"current_release_date": "2025-10-13T04:53:24+00:00",
"generator": {
"date": "2025-10-13T04:53:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2023:0556",
"initial_release_date": "2023-01-31T13:18:26+00:00",
"revision_history": [
{
"date": "2023-01-31T13:18:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-31T13:18:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-13T04:53:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update",
"product": {
"name": "Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update",
"product_id": "Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2017-18214",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-03-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1553413"
}
],
"notes": [
{
"category": "description",
"text": "The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-moment: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of momentjs as shipped with Red Hat Enterprise Satellite 5. Red Hat Product Security has rated this issue as having security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.\n\nIn Quay 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-18214"
},
{
"category": "external",
"summary": "RHBZ#1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-18214",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18214"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214"
}
],
"release_date": "2017-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-moment: Regular expression denial of service"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14041",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14041"
},
{
"category": "external",
"summary": "RHBZ#1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nStatic code analysis controls ensure that security flaws, including XSS vulnerabilities, are detected early in development by scanning code for improper input handling. This prevents vulnerable code from reaching production and encourages our developers to follow secure coding practices. System monitoring controls play a crucial role in detecting and responding to XSS attacks by analyzing logs, monitoring user behavior, and generating alerts for suspicious activity. Meanwhile, AWS WAF (Web Application Firewall) adds an extra layer of defense by filtering and blocking malicious input before it reaches the platform and/or application. Together, these controls create a defense-in-depth approach, reducing the risk of XSS exploitation by preventing, detecting, and mitigating attacks at multiple levels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2022-3143",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124682"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: possible timing attacks via use of unsafe comparator",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3143"
},
{
"category": "external",
"summary": "RHBZ#2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: possible timing attacks via use of unsafe comparator"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40152"
},
{
"category": "external",
"summary": "RHBZ#2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4",
"url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46363",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155681"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Apache CXF that could allow an attacker to perform a remote directory listing or code exfiltration. This issue only applies when the CXFServlet is configured with both the static-resources-list and redirect-query-check attributes. These attributes are not supposed to be used together, so the issue can only occur if the CXF service is misconfigured.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: directory listing / code exfiltration",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46363"
},
{
"category": "external",
"summary": "RHBZ#2155681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46363"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c",
"url": "https://lists.apache.org/thread/pdzo1qgyplf4y523tnnzrcm7hoco3l8c"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "CXF: directory listing / code exfiltration"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:18:26+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Important: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "CXF: SSRF Vulnerability"
}
]
}
rhsa-2020_0132
Vulnerability from csaf_redhat
Published
2020-01-16 16:02
Modified
2024-11-22 14:18
Summary
Red Hat Security Advisory: Red Hat Process Automation Manager 7.6.0 Security Update
Notes
Topic
An update is now available for Red Hat Process Automation Manager.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services.
This release of Red Hat Process Automation Manager 7.6.0 serves as an update to Red Hat Process Automation Manager 7.5.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* Business-central: Encrypted password shown under Object id 7 of errai_security_context (CVE-2019-14886)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Process Automation Manager.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services.\n\nThis release of Red Hat Process Automation Manager 7.6.0 serves as an update to Red Hat Process Automation Manager 7.5.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* Business-central: Encrypted password shown under Object id 7 of errai_security_context (CVE-2019-14886)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:0132",
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=rhpam\u0026version=7.6.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=rhpam\u0026version=7.6.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_process_automation_manager/7.6/html/release_notes_for_red_hat_process_automation_manager_7.6/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_process_automation_manager/7.6/html/release_notes_for_red_hat_process_automation_manager_7.6/index"
},
{
"category": "external",
"summary": "1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1771354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771354"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0132.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Process Automation Manager 7.6.0 Security Update",
"tracking": {
"current_release_date": "2024-11-22T14:18:04+00:00",
"generator": {
"date": "2024-11-22T14:18:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2020:0132",
"initial_release_date": "2020-01-16T16:02:02+00:00",
"revision_history": [
{
"date": "2020-01-16T16:02:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-01-16T16:02:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T14:18:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Process Automation 7",
"product": {
"name": "Red Hat Process Automation 7",
"product_id": "Red Hat Process Automation 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7.6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Process Automation Manager"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Process Automation 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-16T16:02:02+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Process Automation 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Process Automation 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Process Automation 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-16T16:02:02+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Process Automation 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Process Automation 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Process Automation 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-16T16:02:02+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Process Automation 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Process Automation 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-14886",
"cwe": {
"id": "CWE-312",
"name": "Cleartext Storage of Sensitive Information"
},
"discovery_date": "2019-11-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1771354"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in business-central where encoded passwords are stored in errai_security_context. The encoding used for storing the passwords is Base64, not an encryption algorithm, and any recovery of these passwords could lead to user passwords being exposed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Business-central: Encrypted password shown under Object id 7 of errai_security_context",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Process Automation 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14886"
},
{
"category": "external",
"summary": "RHBZ#1771354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771354"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14886",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14886"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14886",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14886"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/?utm_medium=email\u0026utm_source=footer#!msg/jbpm-usage/74pSuwfGKRU/0oXpmRScBQAJ",
"url": "https://groups.google.com/forum/?utm_medium=email\u0026utm_source=footer#!msg/jbpm-usage/74pSuwfGKRU/0oXpmRScBQAJ"
}
],
"release_date": "2019-09-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-16T16:02:02+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Process Automation 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Process Automation 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Business-central: Encrypted password shown under Object id 7 of errai_security_context"
}
]
}
RHBA-2019:1570
Vulnerability from csaf_redhat
Published
2019-06-20 14:47
Modified
2025-10-10 01:33
Summary
Red Hat Bug Fix Advisory: ovirt-engine-api-explorer bug fix and enhancement update for RHV 4.3.4
Notes
Topic
Updated ovirt-engine-api-explorer packages that fix several bugs and add various enhancements are now available.
Details
The ovirt-engine-api-explorer package provides a web application for exploring the oVirt API documentation.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated ovirt-engine-api-explorer packages that fix several bugs and add various enhancements are now available.",
"title": "Topic"
},
{
"category": "general",
"text": "The ovirt-engine-api-explorer package provides a web application for exploring the oVirt API documentation.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2019:1570",
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
},
{
"category": "external",
"summary": "1710688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710688"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhba-2019_1570.json"
}
],
"title": "Red Hat Bug Fix Advisory: ovirt-engine-api-explorer bug fix and enhancement update for RHV 4.3.4",
"tracking": {
"current_release_date": "2025-10-10T01:33:44+00:00",
"generator": {
"date": "2025-10-10T01:33:44+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHBA-2019:1570",
"initial_release_date": "2019-06-20T14:47:51+00:00",
"revision_history": [
{
"date": "2019-06-20T14:47:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-06-20T14:47:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-10T01:33:44+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHV-M 4.3",
"product": {
"name": "RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhev_manager:4.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src",
"product": {
"name": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src",
"product_id": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-api-explorer@0.0.5-1.el7ev?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"product": {
"name": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"product_id": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-api-explorer@0.0.5-1.el7ev?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch as a component of RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch"
},
"product_reference": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHV-S-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src as a component of RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
},
"product_reference": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src",
"relates_to_product_reference": "7Server-RHV-S-4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-20T14:47:51+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-20T14:47:51+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-20T14:47:51+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-20T14:47:51+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
}
]
}
rhsa-2020:0133
Vulnerability from csaf_redhat
Published
2020-01-16 16:02
Modified
2025-10-10 01:34
Summary
Red Hat Security Advisory: Red Hat Decision Manager 7.6.0 Security Update
Notes
Topic
An update is now available for Red Hat Decision Manager.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation (DMN) execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business.
This release of Red Hat Decision Manager 7.6.0 serves as an update to Red Hat Decision Manager 7.5.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* Business-central: Encrypted password shown under Object id 7 of errai_security_context (CVE-2019-14886)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Decision Manager.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model \u0026 Notation (DMN) execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. \n\nThis release of Red Hat Decision Manager 7.6.0 serves as an update to Red Hat Decision Manager 7.5.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* Business-central: Encrypted password shown under Object id 7 of errai_security_context (CVE-2019-14886)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:0133",
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=rhdm\u0026version=7.6.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=rhdm\u0026version=7.6.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_decision_manager/7.6/html/release_notes_for_red_hat_decision_manager_7.6/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_decision_manager/7.6/html/release_notes_for_red_hat_decision_manager_7.6/index"
},
{
"category": "external",
"summary": "1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1771354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771354"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0133.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Decision Manager 7.6.0 Security Update",
"tracking": {
"current_release_date": "2025-10-10T01:34:08+00:00",
"generator": {
"date": "2025-10-10T01:34:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2020:0133",
"initial_release_date": "2020-01-16T16:02:45+00:00",
"revision_history": [
{
"date": "2020-01-16T16:02:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-01-16T16:02:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-10T01:34:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Decision Manager 7",
"product": {
"name": "Red Hat Decision Manager 7",
"product_id": "Red Hat Decision Manager 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:7.6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Decision Manager"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Decision Manager 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-16T16:02:45+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Decision Manager 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Decision Manager 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Decision Manager 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-16T16:02:45+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Decision Manager 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Decision Manager 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Decision Manager 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-16T16:02:45+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Decision Manager 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Decision Manager 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-14886",
"cwe": {
"id": "CWE-312",
"name": "Cleartext Storage of Sensitive Information"
},
"discovery_date": "2019-11-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1771354"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in business-central where encoded passwords are stored in errai_security_context. The encoding used for storing the passwords is Base64, not an encryption algorithm, and any recovery of these passwords could lead to user passwords being exposed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Business-central: Encrypted password shown under Object id 7 of errai_security_context",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Decision Manager 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14886"
},
{
"category": "external",
"summary": "RHBZ#1771354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771354"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14886",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14886"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14886",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14886"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/?utm_medium=email\u0026utm_source=footer#!msg/jbpm-usage/74pSuwfGKRU/0oXpmRScBQAJ",
"url": "https://groups.google.com/forum/?utm_medium=email\u0026utm_source=footer#!msg/jbpm-usage/74pSuwfGKRU/0oXpmRScBQAJ"
}
],
"release_date": "2019-09-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-16T16:02:45+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Decision Manager 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Decision Manager 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Business-central: Encrypted password shown under Object id 7 of errai_security_context"
}
]
}
rhba-2019:1076
Vulnerability from csaf_redhat
Published
2019-05-08 12:47
Modified
2025-10-10 01:33
Summary
Red Hat Bug Fix Advisory: ovirt-engine-api-explorer bug fix and enhancement update for RHV 4.3
Notes
Topic
Updated ovirt-engine-api-explorer packages that fix several bugs and add various enhancements are now available.
Details
The ovirt-engine-api-explorer package provides a web application for exploring the oVirt API documentation.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated ovirt-engine-api-explorer packages that fix several bugs and add various enhancements are now available.",
"title": "Topic"
},
{
"category": "general",
"text": "The ovirt-engine-api-explorer package provides a web application for exploring the oVirt API documentation.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2019:1076",
"url": "https://access.redhat.com/errata/RHBA-2019:1076"
},
{
"category": "external",
"summary": "1639272",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1639272"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhba-2019_1076.json"
}
],
"title": "Red Hat Bug Fix Advisory: ovirt-engine-api-explorer bug fix and enhancement update for RHV 4.3",
"tracking": {
"current_release_date": "2025-10-10T01:33:42+00:00",
"generator": {
"date": "2025-10-10T01:33:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHBA-2019:1076",
"initial_release_date": "2019-05-08T12:47:06+00:00",
"revision_history": [
{
"date": "2019-05-08T12:47:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-05-08T12:47:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-10T01:33:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHV-M 4.3",
"product": {
"name": "RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhev_manager:4.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src",
"product": {
"name": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src",
"product_id": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-api-explorer@0.0.4-1.el7ev?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"product": {
"name": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"product_id": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-api-explorer@0.0.4-1.el7ev?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch as a component of RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch"
},
"product_reference": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHV-S-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src as a component of RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
},
"product_reference": "ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src",
"relates_to_product_reference": "7Server-RHV-S-4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:47:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1076"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:47:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1076"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:47:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1076"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.4-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
}
]
}
RHSA-2020:5571
Vulnerability from csaf_redhat
Published
2020-12-16 13:53
Modified
2025-10-10 01:34
Summary
Red Hat Security Advisory: python-XStatic-Bootstrap-SCSS security update
Notes
Topic
An update for python-XStatic-Bootstrap-SCSS is now available for Red Hat
OpenStack Platform 13 (Queens).
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details
python-XStatic-Bootstrap-SCSS is the Bootstrap-SCSS JavaScript library packaged for setuptools / pip.
Security Fix(es):
* XSS in the data-target attribute (CVE-2016-10735)
* Cross-site Scripting (XSS) in the data-container property of tooltip
(CVE-2018-14042)
* XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* XSS in the affix configuration target property (CVE-2018-20677)
* XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for python-XStatic-Bootstrap-SCSS is now available for Red Hat\nOpenStack Platform 13 (Queens).\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "python-XStatic-Bootstrap-SCSS is the Bootstrap-SCSS JavaScript library packaged for setuptools / pip.\n\nSecurity Fix(es):\n\n* XSS in the data-target attribute (CVE-2016-10735)\n\n* Cross-site Scripting (XSS) in the data-container property of tooltip\n(CVE-2018-14042)\n\n* XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* XSS in the affix configuration target property (CVE-2018-20677)\n\n* XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:5571",
"url": "https://access.redhat.com/errata/RHSA-2020:5571"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5571.json"
}
],
"title": "Red Hat Security Advisory: python-XStatic-Bootstrap-SCSS security update",
"tracking": {
"current_release_date": "2025-10-10T01:34:42+00:00",
"generator": {
"date": "2025-10-10T01:34:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2020:5571",
"initial_release_date": "2020-12-16T13:53:36+00:00",
"revision_history": [
{
"date": "2020-12-16T13:53:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-12-16T13:53:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-10T01:34:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 13.0",
"product": {
"name": "Red Hat OpenStack Platform 13.0",
"product_id": "7Server-RH7-RHOS-13.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:13::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 13.0 for RHEL 7.6 EUS Server",
"product": {
"name": "Red Hat OpenStack Platform 13.0 for RHEL 7.6 EUS Server",
"product_id": "7Server-7.6.EUS-RH7-RHOS-13.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:13::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"product": {
"name": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"product_id": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-XStatic-Bootstrap-SCSS@3.4.1.0-1.el7ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"product": {
"name": "xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"product_id": "xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/xstatic-bootstrap-scss-common@3.4.1.0-1.el7ost?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"product": {
"name": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"product_id": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-XStatic-Bootstrap-SCSS@3.4.1.0-1.el7ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch as a component of Red Hat OpenStack Platform 13.0 for RHEL 7.6 EUS Server",
"product_id": "7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch"
},
"product_reference": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"relates_to_product_reference": "7Server-7.6.EUS-RH7-RHOS-13.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src as a component of Red Hat OpenStack Platform 13.0 for RHEL 7.6 EUS Server",
"product_id": "7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src"
},
"product_reference": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"relates_to_product_reference": "7Server-7.6.EUS-RH7-RHOS-13.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch as a component of Red Hat OpenStack Platform 13.0 for RHEL 7.6 EUS Server",
"product_id": "7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
},
"product_reference": "xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"relates_to_product_reference": "7Server-7.6.EUS-RH7-RHOS-13.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch as a component of Red Hat OpenStack Platform 13.0",
"product_id": "7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch"
},
"product_reference": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-13.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src as a component of Red Hat OpenStack Platform 13.0",
"product_id": "7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src"
},
"product_reference": "python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"relates_to_product_reference": "7Server-RH7-RHOS-13.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch as a component of Red Hat OpenStack Platform 13.0",
"product_id": "7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
},
"product_reference": "xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-13.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-16T13:53:36+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-16T13:53:36+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-16T13:53:36+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-16T13:53:36+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-16T13:53:36+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5571"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-7.6.EUS-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-7.6.EUS-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.noarch",
"7Server-RH7-RHOS-13.0:python-XStatic-Bootstrap-SCSS-0:3.4.1.0-1.el7ost.src",
"7Server-RH7-RHOS-13.0:xstatic-bootstrap-scss-common-0:3.4.1.0-1.el7ost.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
}
]
}
rhsa-2023_0552
Vulnerability from csaf_redhat
Published
2023-01-31 13:15
Modified
2025-01-06 16:22
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* jquery: Untrusted code execution via <option> tag in HTML passed to DOM manipulation methods (CVE-2020-11023)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)
* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* nodejs-moment: Regular expression denial of service (CVE-2017-18214)
* wildfly-elytron: possible timing attacks via use of unsafe comparator (CVE-2022-3143)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods (CVE-2020-11023)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy (CVE-2018-14041)\n\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40152)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* nodejs-moment: Regular expression denial of service (CVE-2017-18214)\n\n* wildfly-elytron: possible timing attacks via use of unsafe comparator (CVE-2022-3143)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS (CVE-2022-42003)\n\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data (CVE-2022-40150)\n\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0552",
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "JBEAP-23864",
"url": "https://issues.redhat.com/browse/JBEAP-23864"
},
{
"category": "external",
"summary": "JBEAP-23865",
"url": "https://issues.redhat.com/browse/JBEAP-23865"
},
{
"category": "external",
"summary": "JBEAP-23866",
"url": "https://issues.redhat.com/browse/JBEAP-23866"
},
{
"category": "external",
"summary": "JBEAP-23926",
"url": "https://issues.redhat.com/browse/JBEAP-23926"
},
{
"category": "external",
"summary": "JBEAP-24055",
"url": "https://issues.redhat.com/browse/JBEAP-24055"
},
{
"category": "external",
"summary": "JBEAP-24081",
"url": "https://issues.redhat.com/browse/JBEAP-24081"
},
{
"category": "external",
"summary": "JBEAP-24095",
"url": "https://issues.redhat.com/browse/JBEAP-24095"
},
{
"category": "external",
"summary": "JBEAP-24100",
"url": "https://issues.redhat.com/browse/JBEAP-24100"
},
{
"category": "external",
"summary": "JBEAP-24127",
"url": "https://issues.redhat.com/browse/JBEAP-24127"
},
{
"category": "external",
"summary": "JBEAP-24128",
"url": "https://issues.redhat.com/browse/JBEAP-24128"
},
{
"category": "external",
"summary": "JBEAP-24132",
"url": "https://issues.redhat.com/browse/JBEAP-24132"
},
{
"category": "external",
"summary": "JBEAP-24147",
"url": "https://issues.redhat.com/browse/JBEAP-24147"
},
{
"category": "external",
"summary": "JBEAP-24167",
"url": "https://issues.redhat.com/browse/JBEAP-24167"
},
{
"category": "external",
"summary": "JBEAP-24191",
"url": "https://issues.redhat.com/browse/JBEAP-24191"
},
{
"category": "external",
"summary": "JBEAP-24195",
"url": "https://issues.redhat.com/browse/JBEAP-24195"
},
{
"category": "external",
"summary": "JBEAP-24207",
"url": "https://issues.redhat.com/browse/JBEAP-24207"
},
{
"category": "external",
"summary": "JBEAP-24248",
"url": "https://issues.redhat.com/browse/JBEAP-24248"
},
{
"category": "external",
"summary": "JBEAP-24426",
"url": "https://issues.redhat.com/browse/JBEAP-24426"
},
{
"category": "external",
"summary": "JBEAP-24427",
"url": "https://issues.redhat.com/browse/JBEAP-24427"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0552.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update",
"tracking": {
"current_release_date": "2025-01-06T16:22:47+00:00",
"generator": {
"date": "2025-01-06T16:22:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.5"
}
},
"id": "RHSA-2023:0552",
"initial_release_date": "2023-01-31T13:15:22+00:00",
"revision_history": [
{
"date": "2023-01-31T13:15:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-31T13:15:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-06T16:22:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.9.3-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.12.7-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el7eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.9.3-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria-enterprise@1.0.1-3.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.10-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jgroups@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jms@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-engine@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-orm@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-serialization-avro@5.10.13-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.16-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-24.Final_redhat_00023.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-24.Final_redhat_00023.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.9-4.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.9-4.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.9-4.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.9-4.GA_redhat_00003.1.el7eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2017-18214",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-03-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1553413"
}
],
"notes": [
{
"category": "description",
"text": "The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-moment: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of momentjs as shipped with Red Hat Enterprise Satellite 5. Red Hat Product Security has rated this issue as having security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-18214"
},
{
"category": "external",
"summary": "RHBZ#1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-18214",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18214"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214"
}
],
"release_date": "2017-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-moment: Regular expression denial of service"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14041",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14041"
},
{
"category": "external",
"summary": "RHBZ#1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2022-3143",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124682"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: possible timing attacks via use of unsafe comparator",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3143"
},
{
"category": "external",
"summary": "RHBZ#2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: possible timing attacks via use of unsafe comparator"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40152"
},
{
"category": "external",
"summary": "RHBZ#2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4",
"url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
],
"known_not_affected": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "CXF: SSRF Vulnerability"
}
]
}
rhba-2019_1570
Vulnerability from csaf_redhat
Published
2019-06-20 14:47
Modified
2024-11-13 22:06
Summary
Red Hat Bug Fix Advisory: ovirt-engine-api-explorer bug fix and enhancement update for RHV 4.3.4
Notes
Topic
Updated ovirt-engine-api-explorer packages that fix several bugs and add various enhancements are now available.
Details
The ovirt-engine-api-explorer package provides a web application for exploring the oVirt API documentation.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated ovirt-engine-api-explorer packages that fix several bugs and add various enhancements are now available.",
"title": "Topic"
},
{
"category": "general",
"text": "The ovirt-engine-api-explorer package provides a web application for exploring the oVirt API documentation.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2019:1570",
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
},
{
"category": "external",
"summary": "1710688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710688"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhba-2019_1570.json"
}
],
"title": "Red Hat Bug Fix Advisory: ovirt-engine-api-explorer bug fix and enhancement update for RHV 4.3.4",
"tracking": {
"current_release_date": "2024-11-13T22:06:08+00:00",
"generator": {
"date": "2024-11-13T22:06:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHBA-2019:1570",
"initial_release_date": "2019-06-20T14:47:51+00:00",
"revision_history": [
{
"date": "2019-06-20T14:47:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-06-20T14:47:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-13T22:06:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHV-M 4.3",
"product": {
"name": "RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhev_manager:4.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src",
"product": {
"name": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src",
"product_id": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-api-explorer@0.0.5-1.el7ev?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"product": {
"name": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"product_id": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-engine-api-explorer@0.0.5-1.el7ev?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch as a component of RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch"
},
"product_reference": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHV-S-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src as a component of RHV-M 4.3",
"product_id": "7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
},
"product_reference": "ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src",
"relates_to_product_reference": "7Server-RHV-S-4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-20T14:47:51+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-20T14:47:51+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-20T14:47:51+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-06-20T14:47:51+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.noarch",
"7Server-RHV-S-4.3:ovirt-engine-api-explorer-0:0.0.5-1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
}
]
}
rhsa-2020:0132
Vulnerability from csaf_redhat
Published
2020-01-16 16:02
Modified
2025-10-10 01:34
Summary
Red Hat Security Advisory: Red Hat Process Automation Manager 7.6.0 Security Update
Notes
Topic
An update is now available for Red Hat Process Automation Manager.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services.
This release of Red Hat Process Automation Manager 7.6.0 serves as an update to Red Hat Process Automation Manager 7.5.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* Business-central: Encrypted password shown under Object id 7 of errai_security_context (CVE-2019-14886)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Process Automation Manager.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services.\n\nThis release of Red Hat Process Automation Manager 7.6.0 serves as an update to Red Hat Process Automation Manager 7.5.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* Business-central: Encrypted password shown under Object id 7 of errai_security_context (CVE-2019-14886)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:0132",
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=rhpam\u0026version=7.6.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=rhpam\u0026version=7.6.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_process_automation_manager/7.6/html/release_notes_for_red_hat_process_automation_manager_7.6/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_process_automation_manager/7.6/html/release_notes_for_red_hat_process_automation_manager_7.6/index"
},
{
"category": "external",
"summary": "1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1771354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771354"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0132.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Process Automation Manager 7.6.0 Security Update",
"tracking": {
"current_release_date": "2025-10-10T01:34:08+00:00",
"generator": {
"date": "2025-10-10T01:34:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2020:0132",
"initial_release_date": "2020-01-16T16:02:02+00:00",
"revision_history": [
{
"date": "2020-01-16T16:02:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-01-16T16:02:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-10T01:34:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Process Automation 7",
"product": {
"name": "Red Hat Process Automation 7",
"product_id": "Red Hat Process Automation 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7.6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Process Automation Manager"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Process Automation 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-16T16:02:02+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Process Automation 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Process Automation 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Process Automation 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-16T16:02:02+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Process Automation 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Process Automation 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Process Automation 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-16T16:02:02+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Process Automation 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Process Automation 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-14886",
"cwe": {
"id": "CWE-312",
"name": "Cleartext Storage of Sensitive Information"
},
"discovery_date": "2019-11-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1771354"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in business-central where encoded passwords are stored in errai_security_context. The encoding used for storing the passwords is Base64, not an encryption algorithm, and any recovery of these passwords could lead to user passwords being exposed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Business-central: Encrypted password shown under Object id 7 of errai_security_context",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Process Automation 7"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14886"
},
{
"category": "external",
"summary": "RHBZ#1771354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771354"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14886",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14886"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14886",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14886"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/?utm_medium=email\u0026utm_source=footer#!msg/jbpm-usage/74pSuwfGKRU/0oXpmRScBQAJ",
"url": "https://groups.google.com/forum/?utm_medium=email\u0026utm_source=footer#!msg/jbpm-usage/74pSuwfGKRU/0oXpmRScBQAJ"
}
],
"release_date": "2019-09-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-01-16T16:02:02+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Process Automation 7"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Process Automation 7"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Business-central: Encrypted password shown under Object id 7 of errai_security_context"
}
]
}
RHSA-2023:0554
Vulnerability from csaf_redhat
Published
2023-01-31 13:15
Modified
2025-10-13 04:53
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jquery: Prototype pollution in object's prototype leading to denial of
service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute
(CVE-2018-14040)
* jquery: Untrusted code execution via <option> tag in HTML passed to DOM
manipulation methods (CVE-2020-11023)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method
(CVE-2020-11022)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy
(CVE-2018-14041)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability
(CVE-2022-45047)
* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of
Service attacks (CVE-2022-40152)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of
tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip or popover data-template attribute
(CVE-2019-8331)
* nodejs-moment: Regular expression denial of service (CVE-2017-18214)
* wildfly-elytron: possible timing attacks via use of unsafe comparator
(CVE-2022-3143)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS
(CVE-2022-42003)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jettison: memory exhaustion via user-supplied XML or JSON data
(CVE-2022-40150)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of\nservice, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute\n(CVE-2018-14040)\n\n* jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM\nmanipulation methods (CVE-2020-11023)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method\n(CVE-2020-11022)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy\n(CVE-2018-14041)\n\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability\n(CVE-2022-45047)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of\nService attacks (CVE-2022-40152)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of\ntooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute\n(CVE-2019-8331)\n\n* nodejs-moment: Regular expression denial of service (CVE-2017-18214)\n\n* wildfly-elytron: possible timing attacks via use of unsafe comparator\n(CVE-2022-3143)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS\n(CVE-2022-42003)\n\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data\n(CVE-2022-40150)\n\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0554",
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "JBEAP-23864",
"url": "https://issues.redhat.com/browse/JBEAP-23864"
},
{
"category": "external",
"summary": "JBEAP-23865",
"url": "https://issues.redhat.com/browse/JBEAP-23865"
},
{
"category": "external",
"summary": "JBEAP-23866",
"url": "https://issues.redhat.com/browse/JBEAP-23866"
},
{
"category": "external",
"summary": "JBEAP-23928",
"url": "https://issues.redhat.com/browse/JBEAP-23928"
},
{
"category": "external",
"summary": "JBEAP-24055",
"url": "https://issues.redhat.com/browse/JBEAP-24055"
},
{
"category": "external",
"summary": "JBEAP-24081",
"url": "https://issues.redhat.com/browse/JBEAP-24081"
},
{
"category": "external",
"summary": "JBEAP-24095",
"url": "https://issues.redhat.com/browse/JBEAP-24095"
},
{
"category": "external",
"summary": "JBEAP-24100",
"url": "https://issues.redhat.com/browse/JBEAP-24100"
},
{
"category": "external",
"summary": "JBEAP-24127",
"url": "https://issues.redhat.com/browse/JBEAP-24127"
},
{
"category": "external",
"summary": "JBEAP-24128",
"url": "https://issues.redhat.com/browse/JBEAP-24128"
},
{
"category": "external",
"summary": "JBEAP-24132",
"url": "https://issues.redhat.com/browse/JBEAP-24132"
},
{
"category": "external",
"summary": "JBEAP-24147",
"url": "https://issues.redhat.com/browse/JBEAP-24147"
},
{
"category": "external",
"summary": "JBEAP-24167",
"url": "https://issues.redhat.com/browse/JBEAP-24167"
},
{
"category": "external",
"summary": "JBEAP-24191",
"url": "https://issues.redhat.com/browse/JBEAP-24191"
},
{
"category": "external",
"summary": "JBEAP-24195",
"url": "https://issues.redhat.com/browse/JBEAP-24195"
},
{
"category": "external",
"summary": "JBEAP-24207",
"url": "https://issues.redhat.com/browse/JBEAP-24207"
},
{
"category": "external",
"summary": "JBEAP-24248",
"url": "https://issues.redhat.com/browse/JBEAP-24248"
},
{
"category": "external",
"summary": "JBEAP-24426",
"url": "https://issues.redhat.com/browse/JBEAP-24426"
},
{
"category": "external",
"summary": "JBEAP-24427",
"url": "https://issues.redhat.com/browse/JBEAP-24427"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0554.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update",
"tracking": {
"current_release_date": "2025-10-13T04:53:24+00:00",
"generator": {
"date": "2025-10-13T04:53:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2023:0554",
"initial_release_date": "2023-01-31T13:15:23+00:00",
"revision_history": [
{
"date": "2023-01-31T13:15:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-31T13:15:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-13T04:53:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 9",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.9.3-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.12.7-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el9eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.9.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria-enterprise@1.0.1-3.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jgroups@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jms@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-engine@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-orm@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-serialization-avro@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.16-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-24.Final_redhat_00023.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-24.Final_redhat_00023.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.9-4.GA_redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.9-4.GA_redhat_00003.1.el9eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2017-18214",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-03-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1553413"
}
],
"notes": [
{
"category": "description",
"text": "The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-moment: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of momentjs as shipped with Red Hat Enterprise Satellite 5. Red Hat Product Security has rated this issue as having security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.\n\nIn Quay 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-18214"
},
{
"category": "external",
"summary": "RHBZ#1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-18214",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18214"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214"
}
],
"release_date": "2017-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-moment: Regular expression denial of service"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14041",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14041"
},
{
"category": "external",
"summary": "RHBZ#1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nStatic code analysis controls ensure that security flaws, including XSS vulnerabilities, are detected early in development by scanning code for improper input handling. This prevents vulnerable code from reaching production and encourages our developers to follow secure coding practices. System monitoring controls play a crucial role in detecting and responding to XSS attacks by analyzing logs, monitoring user behavior, and generating alerts for suspicious activity. Meanwhile, AWS WAF (Web Application Firewall) adds an extra layer of defense by filtering and blocking malicious input before it reaches the platform and/or application. Together, these controls create a defense-in-depth approach, reducing the risk of XSS exploitation by preventing, detecting, and mitigating attacks at multiple levels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2022-3143",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124682"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: possible timing attacks via use of unsafe comparator",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3143"
},
{
"category": "external",
"summary": "RHBZ#2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: possible timing attacks via use of unsafe comparator"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40152"
},
{
"category": "external",
"summary": "RHBZ#2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4",
"url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "CXF: SSRF Vulnerability"
}
]
}
rhsa-2023_0554
Vulnerability from csaf_redhat
Published
2023-01-31 13:15
Modified
2025-01-06 16:22
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jquery: Prototype pollution in object's prototype leading to denial of
service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute
(CVE-2018-14040)
* jquery: Untrusted code execution via <option> tag in HTML passed to DOM
manipulation methods (CVE-2020-11023)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method
(CVE-2020-11022)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy
(CVE-2018-14041)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability
(CVE-2022-45047)
* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of
Service attacks (CVE-2022-40152)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of
tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip or popover data-template attribute
(CVE-2019-8331)
* nodejs-moment: Regular expression denial of service (CVE-2017-18214)
* wildfly-elytron: possible timing attacks via use of unsafe comparator
(CVE-2022-3143)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS
(CVE-2022-42003)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jettison: memory exhaustion via user-supplied XML or JSON data
(CVE-2022-40150)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of\nservice, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute\n(CVE-2018-14040)\n\n* jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM\nmanipulation methods (CVE-2020-11023)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method\n(CVE-2020-11022)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy\n(CVE-2018-14041)\n\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability\n(CVE-2022-45047)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of\nService attacks (CVE-2022-40152)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of\ntooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute\n(CVE-2019-8331)\n\n* nodejs-moment: Regular expression denial of service (CVE-2017-18214)\n\n* wildfly-elytron: possible timing attacks via use of unsafe comparator\n(CVE-2022-3143)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS\n(CVE-2022-42003)\n\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data\n(CVE-2022-40150)\n\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0554",
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "JBEAP-23864",
"url": "https://issues.redhat.com/browse/JBEAP-23864"
},
{
"category": "external",
"summary": "JBEAP-23865",
"url": "https://issues.redhat.com/browse/JBEAP-23865"
},
{
"category": "external",
"summary": "JBEAP-23866",
"url": "https://issues.redhat.com/browse/JBEAP-23866"
},
{
"category": "external",
"summary": "JBEAP-23928",
"url": "https://issues.redhat.com/browse/JBEAP-23928"
},
{
"category": "external",
"summary": "JBEAP-24055",
"url": "https://issues.redhat.com/browse/JBEAP-24055"
},
{
"category": "external",
"summary": "JBEAP-24081",
"url": "https://issues.redhat.com/browse/JBEAP-24081"
},
{
"category": "external",
"summary": "JBEAP-24095",
"url": "https://issues.redhat.com/browse/JBEAP-24095"
},
{
"category": "external",
"summary": "JBEAP-24100",
"url": "https://issues.redhat.com/browse/JBEAP-24100"
},
{
"category": "external",
"summary": "JBEAP-24127",
"url": "https://issues.redhat.com/browse/JBEAP-24127"
},
{
"category": "external",
"summary": "JBEAP-24128",
"url": "https://issues.redhat.com/browse/JBEAP-24128"
},
{
"category": "external",
"summary": "JBEAP-24132",
"url": "https://issues.redhat.com/browse/JBEAP-24132"
},
{
"category": "external",
"summary": "JBEAP-24147",
"url": "https://issues.redhat.com/browse/JBEAP-24147"
},
{
"category": "external",
"summary": "JBEAP-24167",
"url": "https://issues.redhat.com/browse/JBEAP-24167"
},
{
"category": "external",
"summary": "JBEAP-24191",
"url": "https://issues.redhat.com/browse/JBEAP-24191"
},
{
"category": "external",
"summary": "JBEAP-24195",
"url": "https://issues.redhat.com/browse/JBEAP-24195"
},
{
"category": "external",
"summary": "JBEAP-24207",
"url": "https://issues.redhat.com/browse/JBEAP-24207"
},
{
"category": "external",
"summary": "JBEAP-24248",
"url": "https://issues.redhat.com/browse/JBEAP-24248"
},
{
"category": "external",
"summary": "JBEAP-24426",
"url": "https://issues.redhat.com/browse/JBEAP-24426"
},
{
"category": "external",
"summary": "JBEAP-24427",
"url": "https://issues.redhat.com/browse/JBEAP-24427"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0554.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update",
"tracking": {
"current_release_date": "2025-01-06T16:22:37+00:00",
"generator": {
"date": "2025-01-06T16:22:37+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.5"
}
},
"id": "RHSA-2023:0554",
"initial_release_date": "2023-01-31T13:15:23+00:00",
"revision_history": [
{
"date": "2023-01-31T13:15:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-31T13:15:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-06T16:22:37+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 9",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.9.3-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.12.7-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"product": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el9eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el9eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.9.3-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria-enterprise@1.0.1-3.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"product": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.10-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jgroups@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jms@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-engine@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-orm@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-serialization-avro@5.10.13-3.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.16-1.Final_redhat_00001.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-24.Final_redhat_00023.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-24.Final_redhat_00023.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.9-4.GA_redhat_00003.1.el9eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.9-4.GA_redhat_00003.1.el9eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch"
},
"product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
},
"product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"relates_to_product_reference": "9Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9",
"product_id": "9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src",
"relates_to_product_reference": "9Base-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2017-18214",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-03-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1553413"
}
],
"notes": [
{
"category": "description",
"text": "The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-moment: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of momentjs as shipped with Red Hat Enterprise Satellite 5. Red Hat Product Security has rated this issue as having security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-18214"
},
{
"category": "external",
"summary": "RHBZ#1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-18214",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18214"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214"
}
],
"release_date": "2017-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-moment: Regular expression denial of service"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14041",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14041"
},
{
"category": "external",
"summary": "RHBZ#1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. However, the vulnerability has not been found to be exploitable in reasonable scenarios. \n\nIn RHEL7, pcs-0.9.169-3.el7_9.3 [RHSA-2022:7343] contains an updated version of jquery (3.6.0), which does not contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2022-3143",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124682"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: possible timing attacks via use of unsafe comparator",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3143"
},
{
"category": "external",
"summary": "RHBZ#2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: possible timing attacks via use of unsafe comparator"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40152"
},
{
"category": "external",
"summary": "RHBZ#2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4",
"url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
],
"known_not_affected": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:15:23+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el9eap.src",
"9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.noarch",
"9Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el9eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "CXF: SSRF Vulnerability"
}
]
}
RHSA-2020:4670
Vulnerability from csaf_redhat
Published
2020-11-04 01:31
Modified
2025-10-13 04:53
Summary
Red Hat Security Advisory: idm:DL1 and idm:client security, bug fix, and enhancement update
Notes
Topic
An update for the idm:DL1 and idm:client modules is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.
The following packages have been upgraded to a later upstream version: ipa (4.8.7), softhsm (2.6.0), opendnssec (2.1.6). (BZ#1759888, BZ#1818765, BZ#1818877)
Security Fix(es):
* js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* js-jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* ipa: No password length restriction leads to denial of service (CVE-2020-1722)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the idm:DL1 and idm:client modules is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. \n\nThe following packages have been upgraded to a later upstream version: ipa (4.8.7), softhsm (2.6.0), opendnssec (2.1.6). (BZ#1759888, BZ#1818765, BZ#1818877)\n\nSecurity Fix(es):\n\n* js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* js-jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* ipa: No password length restriction leads to denial of service (CVE-2020-1722)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:4670",
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1430365",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1430365"
},
{
"category": "external",
"summary": "1488732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1488732"
},
{
"category": "external",
"summary": "1585020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1585020"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1651577",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1651577"
},
{
"category": "external",
"summary": "1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701233",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701233"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1746830",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746830"
},
{
"category": "external",
"summary": "1750893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1750893"
},
{
"category": "external",
"summary": "1751295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1751295"
},
{
"category": "external",
"summary": "1757045",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757045"
},
{
"category": "external",
"summary": "1759888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1759888"
},
{
"category": "external",
"summary": "1768156",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1768156"
},
{
"category": "external",
"summary": "1777806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1777806"
},
{
"category": "external",
"summary": "1793071",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793071"
},
{
"category": "external",
"summary": "1801698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801698"
},
{
"category": "external",
"summary": "1802471",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1802471"
},
{
"category": "external",
"summary": "1809835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1809835"
},
{
"category": "external",
"summary": "1810154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810154"
},
{
"category": "external",
"summary": "1810179",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810179"
},
{
"category": "external",
"summary": "1813330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813330"
},
{
"category": "external",
"summary": "1816784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816784"
},
{
"category": "external",
"summary": "1818765",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1818765"
},
{
"category": "external",
"summary": "1818877",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1818877"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1831732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831732"
},
{
"category": "external",
"summary": "1831935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831935"
},
{
"category": "external",
"summary": "1832331",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1832331"
},
{
"category": "external",
"summary": "1833266",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1833266"
},
{
"category": "external",
"summary": "1834264",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834264"
},
{
"category": "external",
"summary": "1834909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834909"
},
{
"category": "external",
"summary": "1845211",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845211"
},
{
"category": "external",
"summary": "1845537",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845537"
},
{
"category": "external",
"summary": "1845596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845596"
},
{
"category": "external",
"summary": "1846352",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1846352"
},
{
"category": "external",
"summary": "1846434",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1846434"
},
{
"category": "external",
"summary": "1847999",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1847999"
},
{
"category": "external",
"summary": "1849914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849914"
},
{
"category": "external",
"summary": "1851411",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851411"
},
{
"category": "external",
"summary": "1852244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1852244"
},
{
"category": "external",
"summary": "1853263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853263"
},
{
"category": "external",
"summary": "1857157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857157"
},
{
"category": "external",
"summary": "1858318",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1858318"
},
{
"category": "external",
"summary": "1859213",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1859213"
},
{
"category": "external",
"summary": "1863079",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1863079"
},
{
"category": "external",
"summary": "1863616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1863616"
},
{
"category": "external",
"summary": "1866291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866291"
},
{
"category": "external",
"summary": "1866938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866938"
},
{
"category": "external",
"summary": "1868432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868432"
},
{
"category": "external",
"summary": "1869311",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869311"
},
{
"category": "external",
"summary": "1870202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1870202"
},
{
"category": "external",
"summary": "1874015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874015"
},
{
"category": "external",
"summary": "1875348",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875348"
},
{
"category": "external",
"summary": "1879604",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1879604"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4670.json"
}
],
"title": "Red Hat Security Advisory: idm:DL1 and idm:client security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2025-10-13T04:53:18+00:00",
"generator": {
"date": "2025-10-13T04:53:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2020:4670",
"initial_release_date": "2020-11-04T01:31:18+00:00",
"revision_history": [
{
"date": "2020-11-04T01:31:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-11-04T01:31:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-13T04:53:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"product": {
"name": "custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm (idm:DL1)",
"product_id": "custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/custodia@0.6.0-3.module%2Bel8.1.0%2B4098%2Bf286395e?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"product": {
"name": "ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm (idm:DL1)",
"product_id": "ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"product": {
"name": "ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm (idm:DL1)",
"product_id": "ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-healthcheck@0.4-6.module%2Bel8.3.0%2B7710%2Be2408ce4?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"product": {
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm (idm:DL1)",
"product_id": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"product": {
"name": "python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm (idm:DL1)",
"product_id": "python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-jwcrypto@0.5.0-1.module%2Bel8.1.0%2B4098%2Bf286395e?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"product": {
"name": "python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm (idm:DL1)",
"product_id": "python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-kdcproxy@0.4-5.module%2Bel8.2.0%2B4691%2Ba05b2456?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"product": {
"name": "python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm (idm:DL1)",
"product_id": "python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-qrcode@5.1-12.module%2Bel8.1.0%2B4098%2Bf286395e?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"product": {
"name": "python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm (idm:DL1)",
"product_id": "python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-yubico@1.3.2-9.module%2Bel8.1.0%2B4098%2Bf286395e?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"product": {
"name": "pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm (idm:DL1)",
"product_id": "pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pyusb@1.0.0-9.module%2Bel8.1.0%2B4098%2Bf286395e?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"product": {
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm (idm:DL1)",
"product_id": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"product": {
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm (idm:DL1)",
"product_id": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=src\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"product": {
"name": "ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm (idm:client)",
"product_id": "ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=src\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"product": {
"name": "ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm (idm:client)",
"product_id": "ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-healthcheck@0.4-6.module%2Bel8.3.0%2B7711%2Bc4441980?arch=src\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"product": {
"name": "python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm (idm:client)",
"product_id": "python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-jwcrypto@0.5.0-1.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=src\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"product": {
"name": "python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm (idm:client)",
"product_id": "python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-qrcode@5.1-12.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=src\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"product": {
"name": "python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm (idm:client)",
"product_id": "python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-yubico@1.3.2-9.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=src\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"product": {
"name": "pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm (idm:client)",
"product_id": "pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pyusb@1.0.0-9.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=src\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debuginfo@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debugsource@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"product": {
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm (idm:DL1)",
"product_id": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"product": {
"name": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm (idm:DL1)",
"product_id": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debuginfo@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"product": {
"name": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm (idm:DL1)",
"product_id": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debugsource@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debuginfo@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product": {
"name": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1)",
"product_id": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debugsource@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"product": {
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm (idm:DL1)",
"product_id": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"product": {
"name": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm (idm:DL1)",
"product_id": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debuginfo@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"product": {
"name": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm (idm:DL1)",
"product_id": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debugsource@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"product": {
"name": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm (idm:DL1)",
"product_id": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-devel@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=x86_64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"product": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm (idm:client)",
"product_id": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=x86_64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"product": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm (idm:client)",
"product_id": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=x86_64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"product": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm (idm:client)",
"product_id": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=x86_64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"product": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm (idm:client)",
"product_id": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=x86_64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"product": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm (idm:client)",
"product_id": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=x86_64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"product": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm (idm:client)",
"product_id": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=x86_64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product": {
"name": "custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1)",
"product_id": "custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/custodia@0.6.0-3.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product": {
"name": "ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1)",
"product_id": "ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-common@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product": {
"name": "ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1)",
"product_id": "ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-common@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"product": {
"name": "ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm (idm:DL1)",
"product_id": "ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-healthcheck@0.4-6.module%2Bel8.3.0%2B7710%2Be2408ce4?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"product": {
"name": "ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm (idm:DL1)",
"product_id": "ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-healthcheck-core@0.4-6.module%2Bel8.3.0%2B7710%2Be2408ce4?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product": {
"name": "ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1)",
"product_id": "ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-python-compat@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product": {
"name": "ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1)",
"product_id": "ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-selinux@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product": {
"name": "ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1)",
"product_id": "ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-common@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product": {
"name": "ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1)",
"product_id": "ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-dns@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product": {
"name": "python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1)",
"product_id": "python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-custodia@0.6.0-3.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product": {
"name": "python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1)",
"product_id": "python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ipaclient@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product": {
"name": "python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1)",
"product_id": "python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ipalib@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product": {
"name": "python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1)",
"product_id": "python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ipaserver@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product": {
"name": "python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1)",
"product_id": "python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-jwcrypto@0.5.0-1.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"product": {
"name": "python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm (idm:DL1)",
"product_id": "python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-kdcproxy@0.4-5.module%2Bel8.2.0%2B4691%2Ba05b2456?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product": {
"name": "python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1)",
"product_id": "python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pyusb@1.0.0-9.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product": {
"name": "python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1)",
"product_id": "python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-qrcode@5.1-12.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product": {
"name": "python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1)",
"product_id": "python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-qrcode-core@5.1-12.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product": {
"name": "python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1)",
"product_id": "python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-yubico@1.3.2-9.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"product": {
"name": "ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm (idm:client)",
"product_id": "ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-common@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"product": {
"name": "ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm (idm:client)",
"product_id": "ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-common@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"product": {
"name": "ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm (idm:client)",
"product_id": "ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-healthcheck-core@0.4-6.module%2Bel8.3.0%2B7711%2Bc4441980?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"product": {
"name": "ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm (idm:client)",
"product_id": "ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-python-compat@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"product": {
"name": "ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm (idm:client)",
"product_id": "ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-selinux@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"product": {
"name": "python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm (idm:client)",
"product_id": "python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ipaclient@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"product": {
"name": "python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm (idm:client)",
"product_id": "python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ipalib@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"product": {
"name": "python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm (idm:client)",
"product_id": "python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-jwcrypto@0.5.0-1.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"product": {
"name": "python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm (idm:client)",
"product_id": "python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pyusb@1.0.0-9.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"product": {
"name": "python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm (idm:client)",
"product_id": "python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-qrcode@5.1-12.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"product": {
"name": "python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm (idm:client)",
"product_id": "python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-qrcode-core@5.1-12.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"product": {
"name": "python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm (idm:client)",
"product_id": "python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-yubico@1.3.2-9.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=noarch\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debuginfo@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debugsource@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"product": {
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm (idm:DL1)",
"product_id": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"product": {
"name": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm (idm:DL1)",
"product_id": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debuginfo@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"product": {
"name": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm (idm:DL1)",
"product_id": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debugsource@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debuginfo@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product": {
"name": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1)",
"product_id": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debugsource@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"product": {
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm (idm:DL1)",
"product_id": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"product": {
"name": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm (idm:DL1)",
"product_id": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debuginfo@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"product": {
"name": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm (idm:DL1)",
"product_id": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debugsource@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"product": {
"name": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm (idm:DL1)",
"product_id": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-devel@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=s390x\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"product": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm (idm:client)",
"product_id": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=s390x\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"product": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm (idm:client)",
"product_id": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=s390x\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"product": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm (idm:client)",
"product_id": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=s390x\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"product": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm (idm:client)",
"product_id": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=s390x\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"product": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm (idm:client)",
"product_id": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=s390x\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"product": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm (idm:client)",
"product_id": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=s390x\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debuginfo@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debugsource@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"product": {
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm (idm:DL1)",
"product_id": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"product": {
"name": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm (idm:DL1)",
"product_id": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debuginfo@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"product": {
"name": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm (idm:DL1)",
"product_id": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debugsource@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debuginfo@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product": {
"name": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1)",
"product_id": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debugsource@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"product": {
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm (idm:DL1)",
"product_id": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"product": {
"name": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm (idm:DL1)",
"product_id": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debuginfo@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"product": {
"name": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm (idm:DL1)",
"product_id": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debugsource@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"product": {
"name": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm (idm:DL1)",
"product_id": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-devel@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=ppc64le\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"product": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm (idm:client)",
"product_id": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=ppc64le\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"product": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm (idm:client)",
"product_id": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=ppc64le\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"product": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm (idm:client)",
"product_id": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=ppc64le\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"product": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm (idm:client)",
"product_id": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=ppc64le\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"product": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm (idm:client)",
"product_id": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=ppc64le\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"product": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm (idm:client)",
"product_id": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=ppc64le\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debuginfo@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"product": {
"name": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm (idm:DL1)",
"product_id": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debugsource@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"product": {
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm (idm:DL1)",
"product_id": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"product": {
"name": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm (idm:DL1)",
"product_id": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debuginfo@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"product": {
"name": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm (idm:DL1)",
"product_id": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debugsource@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debuginfo@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product": {
"name": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1)",
"product_id": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debugsource@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"product": {
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm (idm:DL1)",
"product_id": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"product": {
"name": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm (idm:DL1)",
"product_id": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debuginfo@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"product": {
"name": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm (idm:DL1)",
"product_id": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debugsource@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"product": {
"name": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm (idm:DL1)",
"product_id": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-devel@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=aarch64\u0026rpmmod=idm:DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"product": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm (idm:client)",
"product_id": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=aarch64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"product": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm (idm:client)",
"product_id": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=aarch64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"product": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm (idm:client)",
"product_id": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=aarch64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"product": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm (idm:client)",
"product_id": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=aarch64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"product": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm (idm:client)",
"product_id": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=aarch64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"product": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm (idm:client)",
"product_id": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=aarch64\u0026rpmmod=idm:client:8030020200923172426:05ac3f11"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1"
},
"product_reference": "bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1"
},
"product_reference": "custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1"
},
"product_reference": "custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1"
},
"product_reference": "ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client"
},
"product_reference": "ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client"
},
"product_reference": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client"
},
"product_reference": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client"
},
"product_reference": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client"
},
"product_reference": "ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1"
},
"product_reference": "ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client"
},
"product_reference": "ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client"
},
"product_reference": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client"
},
"product_reference": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client"
},
"product_reference": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client"
},
"product_reference": "ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client"
},
"product_reference": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client"
},
"product_reference": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client"
},
"product_reference": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client"
},
"product_reference": "ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client"
},
"product_reference": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client"
},
"product_reference": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client"
},
"product_reference": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client"
},
"product_reference": "ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1"
},
"product_reference": "ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client"
},
"product_reference": "ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client"
},
"product_reference": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client"
},
"product_reference": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client"
},
"product_reference": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client"
},
"product_reference": "ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client"
},
"product_reference": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client"
},
"product_reference": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client"
},
"product_reference": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client"
},
"product_reference": "ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1"
},
"product_reference": "ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1"
},
"product_reference": "ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client"
},
"product_reference": "ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1"
},
"product_reference": "ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client"
},
"product_reference": "ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1"
},
"product_reference": "ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client"
},
"product_reference": "ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1"
},
"product_reference": "ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client"
},
"product_reference": "ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1"
},
"product_reference": "ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1"
},
"product_reference": "ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1"
},
"product_reference": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1"
},
"product_reference": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1"
},
"product_reference": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1"
},
"product_reference": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1"
},
"product_reference": "opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1"
},
"product_reference": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1"
},
"product_reference": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1"
},
"product_reference": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1"
},
"product_reference": "opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1"
},
"product_reference": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1"
},
"product_reference": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1"
},
"product_reference": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1"
},
"product_reference": "opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1"
},
"product_reference": "python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client"
},
"product_reference": "python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1"
},
"product_reference": "python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1"
},
"product_reference": "python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client"
},
"product_reference": "python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1"
},
"product_reference": "python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client"
},
"product_reference": "python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1"
},
"product_reference": "python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1"
},
"product_reference": "python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client"
},
"product_reference": "python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1"
},
"product_reference": "python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client"
},
"product_reference": "python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1"
},
"product_reference": "python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1"
},
"product_reference": "python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client"
},
"product_reference": "python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1"
},
"product_reference": "python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1"
},
"product_reference": "python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client"
},
"product_reference": "python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1"
},
"product_reference": "python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client"
},
"product_reference": "python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1"
},
"product_reference": "python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client"
},
"product_reference": "python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1"
},
"product_reference": "python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client"
},
"product_reference": "python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1"
},
"product_reference": "pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm (idm:client) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client"
},
"product_reference": "pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1"
},
"product_reference": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1"
},
"product_reference": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1"
},
"product_reference": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1"
},
"product_reference": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1"
},
"product_reference": "slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1"
},
"product_reference": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1"
},
"product_reference": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1"
},
"product_reference": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1"
},
"product_reference": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
},
"product_reference": "softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1"
},
"product_reference": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1"
},
"product_reference": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1"
},
"product_reference": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
},
"product_reference": "softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1"
},
"product_reference": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1"
},
"product_reference": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1"
},
"product_reference": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
},
"product_reference": "softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1"
},
"product_reference": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1"
},
"product_reference": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1"
},
"product_reference": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm (idm:DL1) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
},
"product_reference": "softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"relates_to_product_reference": "AppStream-8.3.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"acknowledgments": [
{
"names": [
"Pritam Singh"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-1722",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1793071"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in IPA. When sending a very long password (\u003e= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading to a denial of service and the website becoming unresponsive. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ipa: No password length restriction leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1722"
},
{
"category": "external",
"summary": "RHBZ#1793071",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793071"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1722",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1722"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1722",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1722"
}
],
"release_date": "2020-04-14T04:26:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "ipa: No password length restriction leads to denial of service"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debuginfo-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:bind-dyndb-ldap-debugsource-11.3-1.module+el8.3.0+6993+104f8db0.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:custodia-0.6.0-3.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-4.8.7-12.module+el8.3.0+8223+6212645f.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-epn-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-client-samba-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-common-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debuginfo-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.aarch64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.s390x.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-debugsource-4.8.7-12.module+el8.3.0+8223+6212645f.x86_64.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7710+e2408ce4.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-0.4-6.module+el8.3.0+7711+c4441980.src.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7710+e2408ce4.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-healthcheck-core-0.4-6.module+el8.3.0+7711+c4441980.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-python-compat-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-selinux-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-common-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-dns-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:ipa-server-trust-ad-debuginfo-4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debuginfo-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:opendnssec-debugsource-2.1.6-2.module+el8.3.0+6580+328a3362.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:python-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipaclient-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-ipalib-4.8.7-12.module+el8.3.0+8223+6212645f.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-ipaserver-4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-jwcrypto-0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-qrcode-core-5.1-12.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch.rpm-idm:DL1",
"AppStream-8.3.0.GA:python3-yubico-1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch.rpm-idm:client",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:pyusb-1.0.0-9.module+el8.1.0+4107+4a66eb87.src.rpm-idm:client",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debuginfo-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:slapi-nis-debugsource-0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.src.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debuginfo-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-debugsource-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.s390x.rpm-idm:DL1",
"AppStream-8.3.0.GA:softhsm-devel-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64.rpm-idm:DL1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
}
]
}
rhsa-2020_3936
Vulnerability from csaf_redhat
Published
2020-09-29 21:12
Modified
2024-11-22 14:43
Summary
Red Hat Security Advisory: ipa security, bug fix, and enhancement update
Notes
Topic
An update for ipa is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.
The following packages have been upgraded to a later upstream version: ipa (4.6.8). (BZ#1819725)
Security Fix(es):
* js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip. (CVE-2018-14042)
* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* ipa: No password length restriction leads to denial of service (CVE-2020-1722)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for ipa is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.\n\nThe following packages have been upgraded to a later upstream version: ipa (4.6.8). (BZ#1819725)\n\nSecurity Fix(es):\n\n* js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip. (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* js-jquery: prototype pollution in object\u0027s prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* ipa: No password length restriction leads to denial of service (CVE-2020-1722)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3936",
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1404770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404770"
},
{
"category": "external",
"summary": "1545755",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1545755"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1754902",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1754902"
},
{
"category": "external",
"summary": "1755535",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755535"
},
{
"category": "external",
"summary": "1756568",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1756568"
},
{
"category": "external",
"summary": "1758406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758406"
},
{
"category": "external",
"summary": "1769791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1769791"
},
{
"category": "external",
"summary": "1771356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771356"
},
{
"category": "external",
"summary": "1780548",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1780548"
},
{
"category": "external",
"summary": "1782587",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782587"
},
{
"category": "external",
"summary": "1788718",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788718"
},
{
"category": "external",
"summary": "1788907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788907"
},
{
"category": "external",
"summary": "1793071",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793071"
},
{
"category": "external",
"summary": "1795890",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1795890"
},
{
"category": "external",
"summary": "1801791",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801791"
},
{
"category": "external",
"summary": "1817886",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817886"
},
{
"category": "external",
"summary": "1817918",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817918"
},
{
"category": "external",
"summary": "1817919",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817919"
},
{
"category": "external",
"summary": "1817922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817922"
},
{
"category": "external",
"summary": "1817923",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817923"
},
{
"category": "external",
"summary": "1817927",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817927"
},
{
"category": "external",
"summary": "1819725",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819725"
},
{
"category": "external",
"summary": "1825829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825829"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1829787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1829787"
},
{
"category": "external",
"summary": "1834385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834385"
},
{
"category": "external",
"summary": "1842950",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1842950"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3936.json"
}
],
"title": "Red Hat Security Advisory: ipa security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T14:43:09+00:00",
"generator": {
"date": "2024-11-22T14:43:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2020:3936",
"initial_release_date": "2020-09-29T21:12:26+00:00",
"revision_history": [
{
"date": "2020-09-29T21:12:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-09-29T21:12:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T14:43:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "ipa-0:4.6.8-5.el7.src",
"product": {
"name": "ipa-0:4.6.8-5.el7.src",
"product_id": "ipa-0:4.6.8-5.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa@4.6.8-5.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ipa-client-0:4.6.8-5.el7.x86_64",
"product": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64",
"product_id": "ipa-client-0:4.6.8-5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.6.8-5.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"product": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"product_id": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.6.8-5.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-server-0:4.6.8-5.el7.x86_64",
"product": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64",
"product_id": "ipa-server-0:4.6.8-5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server@4.6.8-5.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"product": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"product_id": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad@4.6.8-5.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ipa-client-common-0:4.6.8-5.el7.noarch",
"product": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch",
"product_id": "ipa-client-common-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-common@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-common-0:4.6.8-5.el7.noarch",
"product": {
"name": "ipa-common-0:4.6.8-5.el7.noarch",
"product_id": "ipa-common-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-common@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"product": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"product_id": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-python-compat@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"product": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"product_id": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python2-ipaclient@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python2-ipalib-0:4.6.8-5.el7.noarch",
"product": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch",
"product_id": "python2-ipalib-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python2-ipalib@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-server-common-0:4.6.8-5.el7.noarch",
"product": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch",
"product_id": "ipa-server-common-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-common@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"product": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"product_id": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-dns@4.6.8-5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"product": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"product_id": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python2-ipaserver@4.6.8-5.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "ipa-client-0:4.6.8-5.el7.s390x",
"product": {
"name": "ipa-client-0:4.6.8-5.el7.s390x",
"product_id": "ipa-client-0:4.6.8-5.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.6.8-5.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"product": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"product_id": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.6.8-5.el7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ipa-client-0:4.6.8-5.el7.ppc64",
"product": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64",
"product_id": "ipa-client-0:4.6.8-5.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.6.8-5.el7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"product": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"product_id": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.6.8-5.el7?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "ipa-client-0:4.6.8-5.el7.ppc64le",
"product": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le",
"product_id": "ipa-client-0:4.6.8-5.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.6.8-5.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"product": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"product_id": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.6.8-5.el7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.6.8-5.el7.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-0:4.6.8-5.el7.src"
},
"product_reference": "ipa-0:4.6.8-5.el7.src",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-client-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipalib-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.6.8-5.el7.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-0:4.6.8-5.el7.src"
},
"product_reference": "ipa-0:4.6.8-5.el7.src",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-client-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipalib-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Client-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.6.8-5.el7.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src"
},
"product_reference": "ipa-0:4.6.8-5.el7.src",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-client-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipalib-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.6.8-5.el7.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src"
},
"product_reference": "ipa-0:4.6.8-5.el7.src",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-client-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipalib-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.6.8-5.el7.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-0:4.6.8-5.el7.src"
},
"product_reference": "ipa-0:4.6.8-5.el7.src",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-client-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipalib-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Server-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.6.8-5.el7.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-0:4.6.8-5.el7.src"
},
"product_reference": "ipa-0:4.6.8-5.el7.src",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-client-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-client-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-python-compat-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-common-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch"
},
"product_reference": "ipa-server-dns-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64"
},
"product_reference": "ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaclient-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaclient-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipalib-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipalib-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ipaserver-0:4.6.8-5.el7.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
},
"product_reference": "python2-ipaserver-0:4.6.8-5.el7.noarch",
"relates_to_product_reference": "7Workstation-7.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"acknowledgments": [
{
"names": [
"Pritam Singh"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-1722",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1793071"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in IPA. When sending a very long password (\u003e= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading to a denial of service and the website becoming unresponsive. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ipa: No password length restriction leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1722"
},
{
"category": "external",
"summary": "RHBZ#1793071",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793071"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1722",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1722"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1722",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1722"
}
],
"release_date": "2020-04-14T04:26:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "ipa: No password length restriction leads to denial of service"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-09-29T21:12:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Client-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Client-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Client-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Client-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-0:4.6.8-5.el7.src",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7ComputeNode-optional-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7ComputeNode-optional-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7ComputeNode-optional-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-0:4.6.8-5.el7.src",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Server-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Server-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Server-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Server-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Server-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-0:4.6.8-5.el7.src",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-client-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-client-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.ppc64le",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.s390x",
"7Workstation-7.9:ipa-debuginfo-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-python-compat-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:ipa-server-common-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-dns-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:ipa-server-trust-ad-0:4.6.8-5.el7.x86_64",
"7Workstation-7.9:python2-ipaclient-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipalib-0:4.6.8-5.el7.noarch",
"7Workstation-7.9:python2-ipaserver-0:4.6.8-5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
}
]
}
rhsa-2020_4670
Vulnerability from csaf_redhat
Published
2020-11-04 01:31
Modified
2024-11-22 14:43
Summary
Red Hat Security Advisory: idm:DL1 and idm:client security, bug fix, and enhancement update
Notes
Topic
An update for the idm:DL1 and idm:client modules is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments.
The following packages have been upgraded to a later upstream version: ipa (4.8.7), softhsm (2.6.0), opendnssec (2.1.6). (BZ#1759888, BZ#1818765, BZ#1818877)
Security Fix(es):
* js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)
* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)
* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
* js-jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* ipa: No password length restriction leads to denial of service (CVE-2020-1722)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the idm:DL1 and idm:client modules is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. \n\nThe following packages have been upgraded to a later upstream version: ipa (4.8.7), softhsm (2.6.0), opendnssec (2.1.6). (BZ#1759888, BZ#1818765, BZ#1818877)\n\nSecurity Fix(es):\n\n* js-jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute (CVE-2018-14040)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip data-viewport attribute (CVE-2018-20676)\n\n* bootstrap: XSS in the affix configuration target property (CVE-2018-20677)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)\n\n* js-jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* ipa: No password length restriction leads to denial of service (CVE-2020-1722)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:4670",
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1430365",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1430365"
},
{
"category": "external",
"summary": "1488732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1488732"
},
{
"category": "external",
"summary": "1585020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1585020"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1651577",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1651577"
},
{
"category": "external",
"summary": "1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701233",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701233"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1746830",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746830"
},
{
"category": "external",
"summary": "1750893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1750893"
},
{
"category": "external",
"summary": "1751295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1751295"
},
{
"category": "external",
"summary": "1757045",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757045"
},
{
"category": "external",
"summary": "1759888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1759888"
},
{
"category": "external",
"summary": "1768156",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1768156"
},
{
"category": "external",
"summary": "1777806",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1777806"
},
{
"category": "external",
"summary": "1793071",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793071"
},
{
"category": "external",
"summary": "1801698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801698"
},
{
"category": "external",
"summary": "1802471",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1802471"
},
{
"category": "external",
"summary": "1809835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1809835"
},
{
"category": "external",
"summary": "1810154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810154"
},
{
"category": "external",
"summary": "1810179",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810179"
},
{
"category": "external",
"summary": "1813330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813330"
},
{
"category": "external",
"summary": "1816784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816784"
},
{
"category": "external",
"summary": "1818765",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1818765"
},
{
"category": "external",
"summary": "1818877",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1818877"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1831732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831732"
},
{
"category": "external",
"summary": "1831935",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831935"
},
{
"category": "external",
"summary": "1832331",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1832331"
},
{
"category": "external",
"summary": "1833266",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1833266"
},
{
"category": "external",
"summary": "1834264",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834264"
},
{
"category": "external",
"summary": "1834909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834909"
},
{
"category": "external",
"summary": "1845211",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845211"
},
{
"category": "external",
"summary": "1845537",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845537"
},
{
"category": "external",
"summary": "1845596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845596"
},
{
"category": "external",
"summary": "1846352",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1846352"
},
{
"category": "external",
"summary": "1846434",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1846434"
},
{
"category": "external",
"summary": "1847999",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1847999"
},
{
"category": "external",
"summary": "1849914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849914"
},
{
"category": "external",
"summary": "1851411",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851411"
},
{
"category": "external",
"summary": "1852244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1852244"
},
{
"category": "external",
"summary": "1853263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853263"
},
{
"category": "external",
"summary": "1857157",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857157"
},
{
"category": "external",
"summary": "1858318",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1858318"
},
{
"category": "external",
"summary": "1859213",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1859213"
},
{
"category": "external",
"summary": "1863079",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1863079"
},
{
"category": "external",
"summary": "1863616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1863616"
},
{
"category": "external",
"summary": "1866291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866291"
},
{
"category": "external",
"summary": "1866938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866938"
},
{
"category": "external",
"summary": "1868432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868432"
},
{
"category": "external",
"summary": "1869311",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869311"
},
{
"category": "external",
"summary": "1870202",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1870202"
},
{
"category": "external",
"summary": "1874015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874015"
},
{
"category": "external",
"summary": "1875348",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1875348"
},
{
"category": "external",
"summary": "1879604",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1879604"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4670.json"
}
],
"title": "Red Hat Security Advisory: idm:DL1 and idm:client security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T14:43:17+00:00",
"generator": {
"date": "2024-11-22T14:43:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2020:4670",
"initial_release_date": "2020-11-04T01:31:18+00:00",
"revision_history": [
{
"date": "2020-11-04T01:31:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-11-04T01:31:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T14:43:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "idm:DL1:8030020200923172343:9c827e52",
"product": {
"name": "idm:DL1:8030020200923172343:9c827e52",
"product_id": "idm:DL1:8030020200923172343:9c827e52",
"product_identification_helper": {
"purl": "pkg:rpmmod/redhat/idm@DL1:8030020200923172343:9c827e52"
}
}
},
{
"category": "product_version",
"name": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"product": {
"name": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"product_id": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/custodia@0.6.0-3.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product": {
"name": "ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product_id": "ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-common@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product": {
"name": "ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product_id": "ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-common@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"product": {
"name": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"product_id": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-healthcheck@0.4-6.module%2Bel8.3.0%2B7710%2Be2408ce4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"product": {
"name": "ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"product_id": "ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-healthcheck-core@0.4-6.module%2Bel8.3.0%2B7710%2Be2408ce4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product": {
"name": "ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product_id": "ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-python-compat@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product": {
"name": "ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product_id": "ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-selinux@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product": {
"name": "ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product_id": "ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-common@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product": {
"name": "ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product_id": "ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-dns@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"product": {
"name": "python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"product_id": "python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-custodia@0.6.0-3.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product": {
"name": "python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product_id": "python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ipaclient@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product": {
"name": "python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product_id": "python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ipalib@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product": {
"name": "python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product_id": "python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ipaserver@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"product": {
"name": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"product_id": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-jwcrypto@0.5.0-1.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"product": {
"name": "python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"product_id": "python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-kdcproxy@0.4-5.module%2Bel8.2.0%2B4691%2Ba05b2456?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"product": {
"name": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"product_id": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pyusb@1.0.0-9.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"product": {
"name": "python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"product_id": "python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-qrcode@5.1-12.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"product": {
"name": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"product_id": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-qrcode-core@5.1-12.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"product": {
"name": "python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"product_id": "python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-yubico@1.3.2-9.module%2Bel8.1.0%2B4098%2Bf286395e?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "idm:client:8030020200923172426:05ac3f11",
"product": {
"name": "idm:client:8030020200923172426:05ac3f11",
"product_id": "idm:client:8030020200923172426:05ac3f11",
"product_identification_helper": {
"purl": "pkg:rpmmod/redhat/idm@client:8030020200923172426:05ac3f11"
}
}
},
{
"category": "product_version",
"name": "ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"product": {
"name": "ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"product_id": "ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-common@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"product": {
"name": "ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"product_id": "ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-common@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"product": {
"name": "ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"product_id": "ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-healthcheck-core@0.4-6.module%2Bel8.3.0%2B7711%2Bc4441980?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"product": {
"name": "ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"product_id": "ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-python-compat@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"product": {
"name": "ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"product_id": "ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-selinux@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"product": {
"name": "python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"product_id": "python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ipaclient@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"product": {
"name": "python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"product_id": "python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ipalib@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"product": {
"name": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"product_id": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-jwcrypto@0.5.0-1.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"product": {
"name": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"product_id": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pyusb@1.0.0-9.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"product": {
"name": "python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"product_id": "python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-qrcode@5.1-12.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"product": {
"name": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"product_id": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-qrcode-core@5.1-12.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"product": {
"name": "python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"product_id": "python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-yubico@1.3.2-9.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"product": {
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"product_id": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=src"
}
}
},
{
"category": "product_version",
"name": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"product": {
"name": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"product_id": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/custodia@0.6.0-3.module%2Bel8.1.0%2B4098%2Bf286395e?arch=src"
}
}
},
{
"category": "product_version",
"name": "ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"product": {
"name": "ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"product_id": "ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=src"
}
}
},
{
"category": "product_version",
"name": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"product": {
"name": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"product_id": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-healthcheck@0.4-6.module%2Bel8.3.0%2B7710%2Be2408ce4?arch=src"
}
}
},
{
"category": "product_version",
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"product": {
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"product_id": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"product": {
"name": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"product_id": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-jwcrypto@0.5.0-1.module%2Bel8.1.0%2B4098%2Bf286395e?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"product": {
"name": "python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"product_id": "python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-kdcproxy@0.4-5.module%2Bel8.2.0%2B4691%2Ba05b2456?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"product": {
"name": "python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"product_id": "python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-qrcode@5.1-12.module%2Bel8.1.0%2B4098%2Bf286395e?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"product": {
"name": "python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"product_id": "python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-yubico@1.3.2-9.module%2Bel8.1.0%2B4098%2Bf286395e?arch=src"
}
}
},
{
"category": "product_version",
"name": "pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"product": {
"name": "pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"product_id": "pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pyusb@1.0.0-9.module%2Bel8.1.0%2B4098%2Bf286395e?arch=src"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"product": {
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"product_id": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=src"
}
}
},
{
"category": "product_version",
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"product": {
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"product_id": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=src"
}
}
},
{
"category": "product_version",
"name": "ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"product": {
"name": "ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"product_id": "ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=src"
}
}
},
{
"category": "product_version",
"name": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"product": {
"name": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"product_id": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-healthcheck@0.4-6.module%2Bel8.3.0%2B7711%2Bc4441980?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"product": {
"name": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"product_id": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-jwcrypto@0.5.0-1.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"product": {
"name": "python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"product_id": "python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-qrcode@5.1-12.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"product": {
"name": "python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"product_id": "python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-yubico@1.3.2-9.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=src"
}
}
},
{
"category": "product_version",
"name": "pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src",
"product": {
"name": "pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src",
"product_id": "pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pyusb@1.0.0-9.module%2Bel8.1.0%2B4107%2B4a66eb87?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"product": {
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"product_id": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"product": {
"name": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"product_id": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debuginfo@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"product": {
"name": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"product_id": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debugsource@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product_id": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product_id": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product_id": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product_id": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product_id": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product_id": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product": {
"name": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product_id": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product": {
"name": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product_id": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product": {
"name": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product_id": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product": {
"name": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product_id": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"product": {
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"product_id": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"product": {
"name": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"product_id": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debuginfo@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"product": {
"name": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"product_id": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debugsource@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"product": {
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"product_id": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"product": {
"name": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"product_id": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debuginfo@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"product": {
"name": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"product_id": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debugsource@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"product": {
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"product_id": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"product": {
"name": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"product_id": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debuginfo@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"product": {
"name": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"product_id": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debugsource@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"product": {
"name": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"product_id": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-devel@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"product": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"product_id": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"product": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"product_id": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"product": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"product_id": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"product": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"product_id": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"product": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"product_id": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"product": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"product_id": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"product": {
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"product_id": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"product": {
"name": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"product_id": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debuginfo@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"product": {
"name": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"product_id": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debugsource@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product_id": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product_id": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product_id": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product_id": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product_id": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product_id": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product": {
"name": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product_id": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product": {
"name": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product_id": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product": {
"name": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product_id": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product": {
"name": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product_id": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"product": {
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"product_id": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"product": {
"name": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"product_id": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debuginfo@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"product": {
"name": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"product_id": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debugsource@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"product": {
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"product_id": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"product": {
"name": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"product_id": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debuginfo@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"product": {
"name": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"product_id": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debugsource@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"product": {
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"product_id": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"product": {
"name": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"product_id": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debuginfo@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"product": {
"name": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"product_id": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debugsource@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"product": {
"name": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"product_id": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-devel@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"product": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"product_id": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"product": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"product_id": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"product": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"product_id": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"product": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"product_id": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"product": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"product_id": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"product": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"product_id": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"product": {
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"product_id": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"product": {
"name": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"product_id": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debuginfo@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"product": {
"name": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"product_id": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debugsource@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_id": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_id": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_id": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_id": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_id": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_id": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product": {
"name": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_id": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product": {
"name": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_id": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product": {
"name": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_id": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product": {
"name": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_id": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"product": {
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"product_id": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"product": {
"name": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"product_id": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debuginfo@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"product": {
"name": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"product_id": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debugsource@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"product": {
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_id": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"product": {
"name": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_id": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debuginfo@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"product": {
"name": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_id": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debugsource@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"product": {
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"product_id": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"product": {
"name": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"product_id": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debuginfo@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"product": {
"name": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"product_id": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debugsource@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"product": {
"name": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"product_id": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-devel@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"product": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"product_id": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"product": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"product_id": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"product": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"product_id": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"product": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"product_id": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"product": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"product_id": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"product": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"product_id": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"product": {
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"product_id": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"product": {
"name": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"product_id": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debuginfo@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"product": {
"name": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"product_id": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bind-dyndb-ldap-debugsource@11.3-1.module%2Bel8.3.0%2B6993%2B104f8db0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product_id": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product_id": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product_id": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product_id": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product_id": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product_id": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product": {
"name": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product_id": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product": {
"name": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product_id": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product": {
"name": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product_id": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product": {
"name": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product_id": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-server-trust-ad-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"product": {
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"product_id": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"product": {
"name": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"product_id": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debuginfo@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"product": {
"name": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"product_id": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/opendnssec-debugsource@2.1.6-2.module%2Bel8.3.0%2B6580%2B328a3362?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"product": {
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"product_id": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"product": {
"name": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"product_id": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debuginfo@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"product": {
"name": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"product_id": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slapi-nis-debugsource@0.56.5-4.module%2Bel8.3.0%2B8222%2Bc1bff54a?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"product": {
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"product_id": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"product": {
"name": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"product_id": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debuginfo@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"product": {
"name": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"product_id": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-debugsource@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"product": {
"name": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"product_id": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/softhsm-devel@2.6.0-3.module%2Bel8.3.0%2B6909%2Bfb33717d?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"product": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"product_id": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"product": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"product_id": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"product": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"product_id": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-epn@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"product": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"product_id": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-client-samba@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"product": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"product_id": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debuginfo@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"product": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"product_id": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ipa-debugsource@4.8.7-12.module%2Bel8.3.0%2B8223%2B6212645f?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
"product_reference": "idm:DL1:8030020200923172343:9c827e52",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64"
},
"product_reference": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le"
},
"product_reference": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x"
},
"product_reference": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src"
},
"product_reference": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64"
},
"product_reference": "bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64"
},
"product_reference": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le"
},
"product_reference": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x"
},
"product_reference": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64"
},
"product_reference": "bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64"
},
"product_reference": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le"
},
"product_reference": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x"
},
"product_reference": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64"
},
"product_reference": "bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch"
},
"product_reference": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src"
},
"product_reference": "custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src"
},
"product_reference": "ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64"
},
"product_reference": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le"
},
"product_reference": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x"
},
"product_reference": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64"
},
"product_reference": "ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch"
},
"product_reference": "ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64"
},
"product_reference": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le"
},
"product_reference": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x"
},
"product_reference": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64"
},
"product_reference": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64"
},
"product_reference": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le"
},
"product_reference": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x"
},
"product_reference": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64"
},
"product_reference": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64"
},
"product_reference": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le"
},
"product_reference": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x"
},
"product_reference": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64"
},
"product_reference": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch"
},
"product_reference": "ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64"
},
"product_reference": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x"
},
"product_reference": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64"
},
"product_reference": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le"
},
"product_reference": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x"
},
"product_reference": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64"
},
"product_reference": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch"
},
"product_reference": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src"
},
"product_reference": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch"
},
"product_reference": "ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch"
},
"product_reference": "ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch"
},
"product_reference": "ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64"
},
"product_reference": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le"
},
"product_reference": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x"
},
"product_reference": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64"
},
"product_reference": "ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch"
},
"product_reference": "ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64"
},
"product_reference": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le"
},
"product_reference": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x"
},
"product_reference": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64"
},
"product_reference": "ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch"
},
"product_reference": "ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64"
},
"product_reference": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le"
},
"product_reference": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x"
},
"product_reference": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64"
},
"product_reference": "ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64"
},
"product_reference": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le"
},
"product_reference": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x"
},
"product_reference": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64"
},
"product_reference": "ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64"
},
"product_reference": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le"
},
"product_reference": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x"
},
"product_reference": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src"
},
"product_reference": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64"
},
"product_reference": "opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64"
},
"product_reference": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le"
},
"product_reference": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x"
},
"product_reference": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64"
},
"product_reference": "opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64"
},
"product_reference": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le"
},
"product_reference": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x"
},
"product_reference": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64"
},
"product_reference": "opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src"
},
"product_reference": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src"
},
"product_reference": "python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src"
},
"product_reference": "python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src"
},
"product_reference": "python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch"
},
"product_reference": "python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch"
},
"product_reference": "python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch"
},
"product_reference": "python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch"
},
"product_reference": "python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch"
},
"product_reference": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch"
},
"product_reference": "python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch"
},
"product_reference": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch"
},
"product_reference": "python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch"
},
"product_reference": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch"
},
"product_reference": "python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src"
},
"product_reference": "pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64"
},
"product_reference": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le"
},
"product_reference": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x"
},
"product_reference": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src"
},
"product_reference": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64"
},
"product_reference": "slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64"
},
"product_reference": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le"
},
"product_reference": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x"
},
"product_reference": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64"
},
"product_reference": "slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64"
},
"product_reference": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le"
},
"product_reference": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x"
},
"product_reference": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64"
},
"product_reference": "slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64"
},
"product_reference": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le"
},
"product_reference": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x"
},
"product_reference": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src"
},
"product_reference": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64"
},
"product_reference": "softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64"
},
"product_reference": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le"
},
"product_reference": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x"
},
"product_reference": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64"
},
"product_reference": "softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64"
},
"product_reference": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le"
},
"product_reference": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x"
},
"product_reference": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64"
},
"product_reference": "softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64"
},
"product_reference": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le"
},
"product_reference": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x"
},
"product_reference": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64 as a component of idm:DL1:8030020200923172343:9c827e52 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64"
},
"product_reference": "softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
"product_reference": "idm:client:8030020200923172426:05ac3f11",
"relates_to_product_reference": "AppStream-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src"
},
"product_reference": "ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64 as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64"
},
"product_reference": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le"
},
"product_reference": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x"
},
"product_reference": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64 as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64"
},
"product_reference": "ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch"
},
"product_reference": "ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64 as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64"
},
"product_reference": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le"
},
"product_reference": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x"
},
"product_reference": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64 as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64"
},
"product_reference": "ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64 as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64"
},
"product_reference": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le"
},
"product_reference": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x"
},
"product_reference": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64 as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64"
},
"product_reference": "ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64 as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64"
},
"product_reference": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le"
},
"product_reference": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x"
},
"product_reference": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64 as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64"
},
"product_reference": "ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch"
},
"product_reference": "ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64 as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64"
},
"product_reference": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le"
},
"product_reference": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x"
},
"product_reference": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64 as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64"
},
"product_reference": "ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64 as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64"
},
"product_reference": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le"
},
"product_reference": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x"
},
"product_reference": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64 as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64"
},
"product_reference": "ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src"
},
"product_reference": "ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch"
},
"product_reference": "ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch"
},
"product_reference": "ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch"
},
"product_reference": "ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src"
},
"product_reference": "python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src"
},
"product_reference": "python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src"
},
"product_reference": "python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch"
},
"product_reference": "python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch"
},
"product_reference": "python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch"
},
"product_reference": "python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch"
},
"product_reference": "python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch"
},
"product_reference": "python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch"
},
"product_reference": "python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch"
},
"product_reference": "python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src as a component of idm:client:8030020200923172426:05ac3f11 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
},
"product_reference": "pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src",
"relates_to_product_reference": "AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2018-20676",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668082"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip data-viewport attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20676"
},
{
"category": "external",
"summary": "RHBZ#1668082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668082"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20676"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip data-viewport attribute"
},
{
"cve": "CVE-2018-20677",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668089"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting caused by improper validation of user-supplied input by the affix configuration target property. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the affix configuration target property",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions do not use the vulnerable component at all.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20677"
},
{
"category": "external",
"summary": "RHBZ#1668089",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668089"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20677"
}
],
"release_date": "2018-08-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the affix configuration target property"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"acknowledgments": [
{
"names": [
"Pritam Singh"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-1722",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1793071"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in IPA. When sending a very long password (\u003e= 1,000,000 characters) to the server, the password hashing process could exhaust memory and CPU leading to a denial of service and the website becoming unresponsive. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ipa: No password length restriction leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-1722"
},
{
"category": "external",
"summary": "RHBZ#1793071",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793071"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-1722",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1722"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1722",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1722"
}
],
"release_date": "2020-04-14T04:26:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "ipa: No password length restriction leads to denial of service"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:31:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debuginfo-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:bind-dyndb-ldap-debugsource-0:11.3-1.module+el8.3.0+6993+104f8db0.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-0:0.4-6.module+el8.3.0+7710+e2408ce4.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7710+e2408ce4.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-selinux-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-common-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-dns-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:ipa-server-trust-ad-debuginfo-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debuginfo-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:opendnssec-debugsource-0:2.1.6-2.module+el8.3.0+6580+328a3362.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-custodia-0:0.6.0-3.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipalib-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-ipaserver-0:4.8.7-12.module+el8.3.0+8222+c1bff54a.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-kdcproxy-0:0.4-5.module+el8.2.0+4691+a05b2456.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-qrcode-core-0:5.1-12.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:python3-yubico-0:1.3.2-9.module+el8.1.0+4098+f286395e.noarch",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:pyusb-0:1.0.0-9.module+el8.1.0+4098+f286395e.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debuginfo-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:slapi-nis-debugsource-0:0.56.5-4.module+el8.3.0+8222+c1bff54a.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.src",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debuginfo-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-debugsource-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.aarch64",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.ppc64le",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.s390x",
"AppStream-8.3.0.GA:idm:DL1:8030020200923172343:9c827e52:softhsm-devel-0:2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-0:4.8.7-12.module+el8.3.0+8223+6212645f.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-epn-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-client-samba-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-common-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debuginfo-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.aarch64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.ppc64le",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.s390x",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-debugsource-0:4.8.7-12.module+el8.3.0+8223+6212645f.x86_64",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-0:0.4-6.module+el8.3.0+7711+c4441980.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-healthcheck-core-0:0.4-6.module+el8.3.0+7711+c4441980.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-python-compat-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:ipa-selinux-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.src",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipaclient-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-ipalib-0:4.8.7-12.module+el8.3.0+8223+6212645f.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-jwcrypto-0:0.5.0-1.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-qrcode-core-0:5.1-12.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:python3-yubico-0:1.3.2-9.module+el8.1.0+4107+4a66eb87.noarch",
"AppStream-8.3.0.GA:idm:client:8030020200923172426:05ac3f11:pyusb-0:1.0.0-9.module+el8.1.0+4107+4a66eb87.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
}
]
}
RHSA-2023:0553
Vulnerability from csaf_redhat
Published
2023-01-31 13:12
Modified
2025-10-13 04:53
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jquery: Prototype pollution in object's prototype leading to denial of
service, remote code execution, or property injection (CVE-2019-11358)
* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)
* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute
(CVE-2018-14040)
* jquery: Untrusted code execution via <option> tag in HTML passed to DOM
manipulation methods (CVE-2020-11023)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method
(CVE-2020-11022)
* bootstrap: XSS in the data-target attribute (CVE-2016-10735)
* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy
(CVE-2018-14041)
* sshd-common: mina-sshd: Java unsafe deserialization vulnerability
(CVE-2022-45047)
* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of
Service attacks (CVE-2022-40152)
* bootstrap: Cross-site Scripting (XSS) in the data-container property of
tooltip (CVE-2018-14042)
* bootstrap: XSS in the tooltip or popover data-template attribute
(CVE-2019-8331)
* nodejs-moment: Regular expression denial of service (CVE-2017-18214)
* wildfly-elytron: possible timing attacks via use of unsafe comparator
(CVE-2022-3143)
* jackson-databind: use of deeply nested arrays (CVE-2022-42004)
* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS
(CVE-2022-42003)
* jettison: parser crash by stackoverflow (CVE-2022-40149)
* jettison: memory exhaustion via user-supplied XML or JSON data
(CVE-2022-40150)
* jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)
* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.8, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.9 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jquery: Prototype pollution in object\u0027s prototype leading to denial of\nservice, remote code execution, or property injection (CVE-2019-11358)\n\n* jquery: Cross-site scripting via cross-domain ajax requests (CVE-2015-9251)\n\n* bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute\n(CVE-2018-14040)\n\n* jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM\nmanipulation methods (CVE-2020-11023)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method\n(CVE-2020-11022)\n\n* bootstrap: XSS in the data-target attribute (CVE-2016-10735)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy\n(CVE-2018-14041)\n\n* sshd-common: mina-sshd: Java unsafe deserialization vulnerability\n(CVE-2022-45047)\n\n* woodstox-core: woodstox to serialise XML data was vulnerable to Denial of\nService attacks (CVE-2022-40152)\n\n* bootstrap: Cross-site Scripting (XSS) in the data-container property of\ntooltip (CVE-2018-14042)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute\n(CVE-2019-8331)\n\n* nodejs-moment: Regular expression denial of service (CVE-2017-18214)\n\n* wildfly-elytron: possible timing attacks via use of unsafe comparator\n(CVE-2022-3143)\n\n* jackson-databind: use of deeply nested arrays (CVE-2022-42004)\n\n* jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS\n(CVE-2022-42003)\n\n* jettison: parser crash by stackoverflow (CVE-2022-40149)\n\n* jettison: memory exhaustion via user-supplied XML or JSON data\n(CVE-2022-40150)\n\n* jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos (CVE-2022-45693)\n\n* CXF: Apache CXF: SSRF Vulnerability (CVE-2022-46364)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:0553",
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "JBEAP-23864",
"url": "https://issues.redhat.com/browse/JBEAP-23864"
},
{
"category": "external",
"summary": "JBEAP-23865",
"url": "https://issues.redhat.com/browse/JBEAP-23865"
},
{
"category": "external",
"summary": "JBEAP-23866",
"url": "https://issues.redhat.com/browse/JBEAP-23866"
},
{
"category": "external",
"summary": "JBEAP-23927",
"url": "https://issues.redhat.com/browse/JBEAP-23927"
},
{
"category": "external",
"summary": "JBEAP-24055",
"url": "https://issues.redhat.com/browse/JBEAP-24055"
},
{
"category": "external",
"summary": "JBEAP-24081",
"url": "https://issues.redhat.com/browse/JBEAP-24081"
},
{
"category": "external",
"summary": "JBEAP-24095",
"url": "https://issues.redhat.com/browse/JBEAP-24095"
},
{
"category": "external",
"summary": "JBEAP-24100",
"url": "https://issues.redhat.com/browse/JBEAP-24100"
},
{
"category": "external",
"summary": "JBEAP-24127",
"url": "https://issues.redhat.com/browse/JBEAP-24127"
},
{
"category": "external",
"summary": "JBEAP-24128",
"url": "https://issues.redhat.com/browse/JBEAP-24128"
},
{
"category": "external",
"summary": "JBEAP-24132",
"url": "https://issues.redhat.com/browse/JBEAP-24132"
},
{
"category": "external",
"summary": "JBEAP-24147",
"url": "https://issues.redhat.com/browse/JBEAP-24147"
},
{
"category": "external",
"summary": "JBEAP-24167",
"url": "https://issues.redhat.com/browse/JBEAP-24167"
},
{
"category": "external",
"summary": "JBEAP-24191",
"url": "https://issues.redhat.com/browse/JBEAP-24191"
},
{
"category": "external",
"summary": "JBEAP-24195",
"url": "https://issues.redhat.com/browse/JBEAP-24195"
},
{
"category": "external",
"summary": "JBEAP-24207",
"url": "https://issues.redhat.com/browse/JBEAP-24207"
},
{
"category": "external",
"summary": "JBEAP-24248",
"url": "https://issues.redhat.com/browse/JBEAP-24248"
},
{
"category": "external",
"summary": "JBEAP-24426",
"url": "https://issues.redhat.com/browse/JBEAP-24426"
},
{
"category": "external",
"summary": "JBEAP-24427",
"url": "https://issues.redhat.com/browse/JBEAP-24427"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_0553.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update",
"tracking": {
"current_release_date": "2025-10-13T04:53:23+00:00",
"generator": {
"date": "2025-10-13T04:53:23+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2023:0553",
"initial_release_date": "2023-01-31T13:12:13+00:00",
"revision_history": [
{
"date": "2023-01-31T13:12:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-01-31T13:12:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-13T04:53:23+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product": {
"name": "Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.9.3-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.12.7-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"product": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el8eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"product": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el8eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.9.3-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-woodstox-core@6.4.0-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria@1.0.1-3.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-javaee-security-soteria-enterprise@1.0.1-3.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"product": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"product_id": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jettison@1.5.2-1.redhat_00002.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_id": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.12.7-1.redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.2.22-1.SP3_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting@5.0.27-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hal-console@3.3.16-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.10-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"product_id": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-sshd@2.9.2-1.redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsp-api_2.3_spec@2.0.0-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.49-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-jsf-api_2.3_spec@3.0.0-6.SP07_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jgroups@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-backend-jms@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-engine@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-orm@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-search-serialization-avro@5.10.13-3.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.16-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.16-1.Final_redhat_00001.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-24.Final_redhat_00023.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-24.Final_redhat_00023.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-24.Final_redhat_00023.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.4.9-4.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.9-4.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.9-4.GA_redhat_00003.1.el8eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch"
},
"product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
},
"product_reference": "eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src"
},
"product_reference": "eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"relates_to_product_reference": "8Base-JBEAP-7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8",
"product_id": "8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
},
"product_reference": "eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src",
"relates_to_product_reference": "8Base-JBEAP-7.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2016-11-27T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1399546"
}
],
"notes": [
{
"category": "description",
"text": "jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting via cross-domain ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-9251"
},
{
"category": "external",
"summary": "RHBZ#1399546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1399546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9251"
}
],
"release_date": "2015-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting via cross-domain ajax requests"
},
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2017-18214",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2018-03-08T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1553413"
}
],
"notes": [
{
"category": "description",
"text": "The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-moment: Regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of momentjs as shipped with Red Hat Enterprise Satellite 5. Red Hat Product Security has rated this issue as having security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.\n\nIn Quay 3.10 and above, no version of affected momentjs is present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-18214"
},
{
"category": "external",
"summary": "RHBZ#1553413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-18214",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18214"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18214"
}
],
"release_date": "2017-09-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-moment: Regular expression denial of service"
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601614"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14040"
},
{
"category": "external",
"summary": "RHBZ#1601614",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601614"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14040"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute"
},
{
"cve": "CVE-2018-14041",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601616"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Bootstrap, where it is vulnerable to Cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. This flaw allows a remote attacker to execute a script in a victim\u0027s Web browser within the security context of the hosting Web site, which can lead to stealing the victim\u0027s cookie-based authentication credentials.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14041"
},
{
"category": "external",
"summary": "RHBZ#1601616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601616"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14041"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-target property of scrollspy"
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2018-07-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1601617"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6.2 and newer versions don\u0027t use the bootstrap library, hence are not affected by this flaw.\n\nRed Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation, since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.\n\nRed Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14042"
},
{
"category": "external",
"summary": "RHBZ#1601617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1601617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14042"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip"
},
{
"cve": "CVE-2019-8331",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686454"
}
],
"notes": [
{
"category": "description",
"text": "A cross-site scripting vulnerability was discovered in bootstrap. If an attacker could control the data given to tooltip or popover, they could inject HTML or Javascript into the rendered page when tooltip or popover events fired.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the tooltip or popover data-template attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat CloudForms 4.6 and newer versions include the vulnerable component, but there is no risk of exploitation since there is no possible vector to access the vulnerability. Older Red Hat CloudForms versions don\u0027t use the vulnerable component at all.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-8331"
},
{
"category": "external",
"summary": "RHBZ#1686454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8331"
}
],
"release_date": "2019-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "bootstrap: XSS in the tooltip or popover data-template attribute"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1828406"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No supported release of Red Hat OpenStack Platform is affected by this vulnerability as no shipped packages contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "RHBZ#1828406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
}
],
"release_date": "2020-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nStatic code analysis controls ensure that security flaws, including XSS vulnerabilities, are detected early in development by scanning code for improper input handling. This prevents vulnerable code from reaching production and encourages our developers to follow secure coding practices. System monitoring controls play a crucial role in detecting and responding to XSS attacks by analyzing logs, monitoring user behavior, and generating alerts for suspicious activity. Meanwhile, AWS WAF (Web Application Firewall) adds an extra layer of defense by filtering and blocking malicious input before it reaches the platform and/or application. Together, these controls create a defense-in-depth approach, reducing the risk of XSS exploitation by preventing, detecting, and mitigating attacks at multiple levels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Low"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2022-3143",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2022-09-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2124682"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Wildfly-elytron. Wildfly-elytron uses java.util.Arrays.equals in several places, which is unsafe and vulnerable to timing attacks. To compare values securely, use java.security.MessageDigest.isEqual instead. This flaw allows an attacker to access secure information or impersonate an authed user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly-elytron: possible timing attacks via use of unsafe comparator",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-3143"
},
{
"category": "external",
"summary": "RHBZ#2124682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3143"
}
],
"release_date": "2022-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly-elytron: possible timing attacks via use of unsafe comparator"
},
{
"cve": "CVE-2022-40149",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135771"
}
],
"notes": [
{
"category": "description",
"text": "A stack-based buffer overflow vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. This flaw allows an attacker to supply content that causes the parser to crash by writing outside the memory bounds if the parser is running on user-supplied input, resulting in a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: parser crash by stackoverflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40149"
},
{
"category": "external",
"summary": "RHBZ#2135771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: parser crash by stackoverflow"
},
{
"cve": "CVE-2022-40150",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2022-10-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135770"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jettison, where parsing an untrusted XML or JSON data may lead to a crash. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash, causing memory exhaustion. This effect may support a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: memory exhaustion via user-supplied XML or JSON data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40150"
},
{
"category": "external",
"summary": "RHBZ#2135770",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135770"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150"
},
{
"category": "external",
"summary": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1",
"url": "https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.1"
}
],
"release_date": "2022-09-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jettison: memory exhaustion via user-supplied XML or JSON data"
},
{
"cve": "CVE-2022-40152",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2134291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the FasterXML/woodstox package. This flaw allows an attacker to cause a denial of service (DoS) in its target via XML serialization. An attacker may benefit from the parser sending a malicious input that may cause a crash. This vulnerability is only relevant for users using the DTD parsing functionality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-40152"
},
{
"category": "external",
"summary": "RHBZ#2134291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40152"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4",
"url": "https://github.com/advisories/GHSA-3f7h-mf4q-vrm4"
}
],
"release_date": "2022-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks"
},
{
"cve": "CVE-2022-42003",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled due to unchecked primitive value deserializers to avoid deep wrapper array nesting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42003"
},
{
"category": "external",
"summary": "RHBZ#2135244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42003"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS"
},
{
"cve": "CVE-2022-42004",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-10-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2135247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found In FasterXML jackson-databind. This issue could allow an attacker to benefit from resource exhaustion due to the lack of a check in BeanDeserializer._deserializeFromArray to prevent the use of deeply nested arrays. An application is only vulnerable with certain customized choices for deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: use of deeply nested arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-42004"
},
{
"category": "external",
"summary": "RHBZ#2135247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2135247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42004"
}
],
"release_date": "2022-10-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: use of deeply nested arrays"
},
{
"cve": "CVE-2022-45047",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2022-11-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2145194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache MINA SSHD, when using Java deserialization to load a serialized java.security.PrivateKey. An attacker could benefit from unsafe deserialization by inserting unsecured data that may affect the application or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mina-sshd: Java unsafe deserialization vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Impact as High as there\u0027s a mitigation for minimizing the impact which the flaw requires org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to be impacted, which would require an external/public API for an attacker to benefit from it. \n\nRed Hat Fuse 7 and Red Hat JBoss Enterprise Application Platform 7 have a lower rate (moderate) as it\u0027s very unlikely to be exploited since those are for internal usage or use a custom implementation in their case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45047"
},
{
"category": "external",
"summary": "RHBZ#2145194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2145194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45047"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html",
"url": "https://www.mail-archive.com/dev@mina.apache.org/msg39312.html"
}
],
"release_date": "2022-11-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
},
{
"category": "workaround",
"details": "From the maintainer:\n\nFor Apache MINA SSHD \u003c= 2.9.1, do not use org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider to generate and later load your server\u0027s host key. Use separately generated host key files, for instance in OpenSSH format, and load them via a org.apache.sshd.common.keyprovider.FileKeyPairProvider instead. Or use a custom implementation instead of \nSimpleGeneratorHostKeyProvider that uses the OpenSSH format for storing and loading the host key (via classes OpenSSHKeyPairResourceWriter and OpenSSHKeyPairResourceParser).",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mina-sshd: Java unsafe deserialization vulnerability"
},
{
"cve": "CVE-2022-45693",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2022-12-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155970"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has determined the impact of this flaw to be Moderate; a successful attack using this flaw would require the processing of untrusted, unsanitized, or unrestricted user inputs, which runs counter to established Red Hat security practices.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
],
"known_not_affected": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-45693"
},
{
"category": "external",
"summary": "RHBZ#2155970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jettison: If the value in map is the map\u0027s self, the new new JSONObject(map) cause StackOverflowError which may lead to dos"
},
{
"cve": "CVE-2022-46364",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2022-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2155682"
}
],
"notes": [
{
"category": "description",
"text": "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CXF: SSRF Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-46364"
},
{
"category": "external",
"summary": "RHBZ#2155682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2155682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-46364"
},
{
"category": "external",
"summary": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2",
"url": "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1\u0026modificationDate=1670944472739\u0026api=v2"
}
],
"release_date": "2022-12-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-01-31T13:12:13+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-apache-sshd-0:2.9.2-1.redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-elytron-web-0:1.9.3-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hal-console-0:3.3.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-0:5.10.13-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jgroups-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-backend-jms-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-engine-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-orm-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-hibernate-search-serialization-avro-0:5.10.13-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.10-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.10-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-annotations-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-core-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-databind-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jdk8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-datatype-jsr310-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-json-provider-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-jaxrs-providers-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-module-jaxb-annotations-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-base-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jackson-modules-java8-0:2.12.7-1.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-0:1.0.1-3.redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-javaee-security-soteria-enterprise-0:1.0.1-3.redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.49-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsf-api_2.3_spec-0:3.0.0-6.SP07_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-jsp-api_2.3_spec-0:2.0.0-3.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-remoting-0:5.0.27-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-24.Final_redhat_00023.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-24.Final_redhat_00023.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-jettison-0:1.5.2-1.redhat_00002.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-undertow-0:2.2.22-1.SP3_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-undertow-server-0:1.9.3-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-0:7.4.9-4.GA_redhat_00003.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.16-1.Final_redhat_00001.1.el8eap.src",
"8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.16-1.Final_redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.9-4.GA_redhat_00003.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.noarch",
"8Base-JBEAP-7.4:eap7-woodstox-core-0:6.4.0-1.redhat_00001.1.el8eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "CXF: SSRF Vulnerability"
}
]
}
rhba-2019_4199
Vulnerability from csaf_redhat
Published
2019-12-12 13:34
Modified
2024-11-15 03:03
Summary
Red Hat Bug Fix Advisory: CloudForms 5.0 bug fix and enhancement update
Notes
Topic
An update is now available for CloudForms Management Engine 5.11.
Details
Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller (MVC) framework for web application development. Action Pack implements the controller and the view components.
This update fixes various bugs and adds enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for CloudForms Management Engine 5.11.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller (MVC) framework for web application development. Action Pack implements the controller and the view components.\n\nThis update fixes various bugs and adds enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2019:4199",
"url": "https://access.redhat.com/errata/RHBA-2019:4199"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_cloudforms/5.0/html/release_notes",
"url": "https://access.redhat.com/documentation/en-us/red_hat_cloudforms/5.0/html/release_notes"
},
{
"category": "external",
"summary": "1295839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1295839"
},
{
"category": "external",
"summary": "1314875",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1314875"
},
{
"category": "external",
"summary": "1402112",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402112"
},
{
"category": "external",
"summary": "1415106",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1415106"
},
{
"category": "external",
"summary": "1429540",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429540"
},
{
"category": "external",
"summary": "1430159",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1430159"
},
{
"category": "external",
"summary": "1440191",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1440191"
},
{
"category": "external",
"summary": "1445717",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1445717"
},
{
"category": "external",
"summary": "1447170",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1447170"
},
{
"category": "external",
"summary": "1455145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1455145"
},
{
"category": "external",
"summary": "1460798",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1460798"
},
{
"category": "external",
"summary": "1461487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461487"
},
{
"category": "external",
"summary": "1469035",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1469035"
},
{
"category": "external",
"summary": "1475616",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1475616"
},
{
"category": "external",
"summary": "1480819",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480819"
},
{
"category": "external",
"summary": "1486765",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1486765"
},
{
"category": "external",
"summary": "1487178",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1487178"
},
{
"category": "external",
"summary": "1498996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1498996"
},
{
"category": "external",
"summary": "1504155",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1504155"
},
{
"category": "external",
"summary": "1507011",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1507011"
},
{
"category": "external",
"summary": "1515952",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1515952"
},
{
"category": "external",
"summary": "1516838",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1516838"
},
{
"category": "external",
"summary": "1516912",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1516912"
},
{
"category": "external",
"summary": "1518613",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1518613"
},
{
"category": "external",
"summary": "1519359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1519359"
},
{
"category": "external",
"summary": "1525835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1525835"
},
{
"category": "external",
"summary": "1527695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1527695"
},
{
"category": "external",
"summary": "1528984",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528984"
},
{
"category": "external",
"summary": "1532720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1532720"
},
{
"category": "external",
"summary": "1533263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1533263"
},
{
"category": "external",
"summary": "1534529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534529"
},
{
"category": "external",
"summary": "1534539",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534539"
},
{
"category": "external",
"summary": "1535215",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535215"
},
{
"category": "external",
"summary": "1535782",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535782"
},
{
"category": "external",
"summary": "1535928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535928"
},
{
"category": "external",
"summary": "1540058",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1540058"
},
{
"category": "external",
"summary": "1543007",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1543007"
},
{
"category": "external",
"summary": "1545942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1545942"
},
{
"category": "external",
"summary": "1546108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1546108"
},
{
"category": "external",
"summary": "1546927",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1546927"
},
{
"category": "external",
"summary": "1547081",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1547081"
},
{
"category": "external",
"summary": "1549128",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549128"
},
{
"category": "external",
"summary": "1553846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553846"
},
{
"category": "external",
"summary": "1557488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1557488"
},
{
"category": "external",
"summary": "1559335",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559335"
},
{
"category": "external",
"summary": "1566600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1566600"
},
{
"category": "external",
"summary": "1573609",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1573609"
},
{
"category": "external",
"summary": "1574822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1574822"
},
{
"category": "external",
"summary": "1574823",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1574823"
},
{
"category": "external",
"summary": "1574824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1574824"
},
{
"category": "external",
"summary": "1574826",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1574826"
},
{
"category": "external",
"summary": "1578076",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1578076"
},
{
"category": "external",
"summary": "1581817",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1581817"
},
{
"category": "external",
"summary": "1591797",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1591797"
},
{
"category": "external",
"summary": "1594381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1594381"
},
{
"category": "external",
"summary": "1594497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1594497"
},
{
"category": "external",
"summary": "1595259",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595259"
},
{
"category": "external",
"summary": "1595558",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595558"
},
{
"category": "external",
"summary": "1597125",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1597125"
},
{
"category": "external",
"summary": "1600961",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1600961"
},
{
"category": "external",
"summary": "1602072",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1602072"
},
{
"category": "external",
"summary": "1608475",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1608475"
},
{
"category": "external",
"summary": "1609348",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1609348"
},
{
"category": "external",
"summary": "1609541",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1609541"
},
{
"category": "external",
"summary": "1614567",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1614567"
},
{
"category": "external",
"summary": "1623636",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1623636"
},
{
"category": "external",
"summary": "1628228",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1628228"
},
{
"category": "external",
"summary": "1630040",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1630040"
},
{
"category": "external",
"summary": "1631845",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1631845"
},
{
"category": "external",
"summary": "1632718",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1632718"
},
{
"category": "external",
"summary": "1633867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1633867"
},
{
"category": "external",
"summary": "1634794",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1634794"
},
{
"category": "external",
"summary": "1638245",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1638245"
},
{
"category": "external",
"summary": "1638390",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1638390"
},
{
"category": "external",
"summary": "1639387",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1639387"
},
{
"category": "external",
"summary": "1641905",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1641905"
},
{
"category": "external",
"summary": "1643331",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1643331"
},
{
"category": "external",
"summary": "1645041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1645041"
},
{
"category": "external",
"summary": "1645193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1645193"
},
{
"category": "external",
"summary": "1646562",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646562"
},
{
"category": "external",
"summary": "1649280",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649280"
},
{
"category": "external",
"summary": "1650104",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650104"
},
{
"category": "external",
"summary": "1650117",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650117"
},
{
"category": "external",
"summary": "1650294",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650294"
},
{
"category": "external",
"summary": "1650396",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650396"
},
{
"category": "external",
"summary": "1650418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650418"
},
{
"category": "external",
"summary": "1650484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650484"
},
{
"category": "external",
"summary": "1650501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650501"
},
{
"category": "external",
"summary": "1650506",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650506"
},
{
"category": "external",
"summary": "1650559",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1650559"
},
{
"category": "external",
"summary": "1652577",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1652577"
},
{
"category": "external",
"summary": "1652858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1652858"
},
{
"category": "external",
"summary": "1653772",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1653772"
},
{
"category": "external",
"summary": "1653779",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1653779"
},
{
"category": "external",
"summary": "1653787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1653787"
},
{
"category": "external",
"summary": "1653800",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1653800"
},
{
"category": "external",
"summary": "1654511",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1654511"
},
{
"category": "external",
"summary": "1655114",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1655114"
},
{
"category": "external",
"summary": "1655495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1655495"
},
{
"category": "external",
"summary": "1655794",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1655794"
},
{
"category": "external",
"summary": "1655977",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1655977"
},
{
"category": "external",
"summary": "1656318",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1656318"
},
{
"category": "external",
"summary": "1656371",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1656371"
},
{
"category": "external",
"summary": "1656722",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1656722"
},
{
"category": "external",
"summary": "1656734",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1656734"
},
{
"category": "external",
"summary": "1656838",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1656838"
},
{
"category": "external",
"summary": "1658906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1658906"
},
{
"category": "external",
"summary": "1659088",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1659088"
},
{
"category": "external",
"summary": "1659452",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1659452"
},
{
"category": "external",
"summary": "1660163",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660163"
},
{
"category": "external",
"summary": "1662991",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1662991"
},
{
"category": "external",
"summary": "1663562",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663562"
},
{
"category": "external",
"summary": "1663972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663972"
},
{
"category": "external",
"summary": "1664852",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1664852"
},
{
"category": "external",
"summary": "1664886",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1664886"
},
{
"category": "external",
"summary": "1664888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1664888"
},
{
"category": "external",
"summary": "1667178",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1667178"
},
{
"category": "external",
"summary": "1668004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668004"
},
{
"category": "external",
"summary": "1668437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668437"
},
{
"category": "external",
"summary": "1669851",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1669851"
},
{
"category": "external",
"summary": "1669860",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1669860"
},
{
"category": "external",
"summary": "1669861",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1669861"
},
{
"category": "external",
"summary": "1669867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1669867"
},
{
"category": "external",
"summary": "1669868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1669868"
},
{
"category": "external",
"summary": "1670016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670016"
},
{
"category": "external",
"summary": "1670138",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670138"
},
{
"category": "external",
"summary": "1670150",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670150"
},
{
"category": "external",
"summary": "1670373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670373"
},
{
"category": "external",
"summary": "1670456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670456"
},
{
"category": "external",
"summary": "1670472",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670472"
},
{
"category": "external",
"summary": "1670604",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670604"
},
{
"category": "external",
"summary": "1671844",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671844"
},
{
"category": "external",
"summary": "1671909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671909"
},
{
"category": "external",
"summary": "1671911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671911"
},
{
"category": "external",
"summary": "1672437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672437"
},
{
"category": "external",
"summary": "1672689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672689"
},
{
"category": "external",
"summary": "1672933",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672933"
},
{
"category": "external",
"summary": "1672934",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672934"
},
{
"category": "external",
"summary": "1672937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672937"
},
{
"category": "external",
"summary": "1672949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672949"
},
{
"category": "external",
"summary": "1674055",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1674055"
},
{
"category": "external",
"summary": "1677258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677258"
},
{
"category": "external",
"summary": "1677548",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677548"
},
{
"category": "external",
"summary": "1677553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677553"
},
{
"category": "external",
"summary": "1677558",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677558"
},
{
"category": "external",
"summary": "1677560",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677560"
},
{
"category": "external",
"summary": "1677561",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677561"
},
{
"category": "external",
"summary": "1677571",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677571"
},
{
"category": "external",
"summary": "1677575",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677575"
},
{
"category": "external",
"summary": "1678046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678046"
},
{
"category": "external",
"summary": "1678047",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678047"
},
{
"category": "external",
"summary": "1678048",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678048"
},
{
"category": "external",
"summary": "1678122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678122"
},
{
"category": "external",
"summary": "1678123",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678123"
},
{
"category": "external",
"summary": "1678132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678132"
},
{
"category": "external",
"summary": "1678135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678135"
},
{
"category": "external",
"summary": "1678136",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678136"
},
{
"category": "external",
"summary": "1678142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678142"
},
{
"category": "external",
"summary": "1678149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678149"
},
{
"category": "external",
"summary": "1678150",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678150"
},
{
"category": "external",
"summary": "1678151",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678151"
},
{
"category": "external",
"summary": "1678190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678190"
},
{
"category": "external",
"summary": "1678192",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678192"
},
{
"category": "external",
"summary": "1678194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678194"
},
{
"category": "external",
"summary": "1678196",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678196"
},
{
"category": "external",
"summary": "1680525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1680525"
},
{
"category": "external",
"summary": "1683697",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1683697"
},
{
"category": "external",
"summary": "1684226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1684226"
},
{
"category": "external",
"summary": "1684567",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1684567"
},
{
"category": "external",
"summary": "1684575",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1684575"
},
{
"category": "external",
"summary": "1684681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1684681"
},
{
"category": "external",
"summary": "1685063",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1685063"
},
{
"category": "external",
"summary": "1685266",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1685266"
},
{
"category": "external",
"summary": "1686076",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686076"
},
{
"category": "external",
"summary": "1686617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686617"
},
{
"category": "external",
"summary": "1686619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686619"
},
{
"category": "external",
"summary": "1686762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686762"
},
{
"category": "external",
"summary": "1687059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1687059"
},
{
"category": "external",
"summary": "1687086",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1687086"
},
{
"category": "external",
"summary": "1687597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1687597"
},
{
"category": "external",
"summary": "1688359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1688359"
},
{
"category": "external",
"summary": "1688370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1688370"
},
{
"category": "external",
"summary": "1689369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1689369"
},
{
"category": "external",
"summary": "1690508",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690508"
},
{
"category": "external",
"summary": "1690572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690572"
},
{
"category": "external",
"summary": "1692537",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1692537"
},
{
"category": "external",
"summary": "1692853",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1692853"
},
{
"category": "external",
"summary": "1693362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1693362"
},
{
"category": "external",
"summary": "1693994",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1693994"
},
{
"category": "external",
"summary": "1695008",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695008"
},
{
"category": "external",
"summary": "1695219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695219"
},
{
"category": "external",
"summary": "1695566",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1695566"
},
{
"category": "external",
"summary": "1697467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1697467"
},
{
"category": "external",
"summary": "1698184",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1698184"
},
{
"category": "external",
"summary": "1698193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1698193"
},
{
"category": "external",
"summary": "1700070",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1700070"
},
{
"category": "external",
"summary": "1704835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1704835"
},
{
"category": "external",
"summary": "1705105",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1705105"
},
{
"category": "external",
"summary": "1706764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1706764"
},
{
"category": "external",
"summary": "1707328",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1707328"
},
{
"category": "external",
"summary": "1707537",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1707537"
},
{
"category": "external",
"summary": "1707961",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1707961"
},
{
"category": "external",
"summary": "1708203",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1708203"
},
{
"category": "external",
"summary": "1709957",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1709957"
},
{
"category": "external",
"summary": "1710599",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710599"
},
{
"category": "external",
"summary": "1710623",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710623"
},
{
"category": "external",
"summary": "1711855",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1711855"
},
{
"category": "external",
"summary": "1714185",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1714185"
},
{
"category": "external",
"summary": "1714197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1714197"
},
{
"category": "external",
"summary": "1716858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1716858"
},
{
"category": "external",
"summary": "1717695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1717695"
},
{
"category": "external",
"summary": "1717843",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1717843"
},
{
"category": "external",
"summary": "1718457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1718457"
},
{
"category": "external",
"summary": "1718495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1718495"
},
{
"category": "external",
"summary": "1718833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1718833"
},
{
"category": "external",
"summary": "1718858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1718858"
},
{
"category": "external",
"summary": "1719322",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1719322"
},
{
"category": "external",
"summary": "1719399",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1719399"
},
{
"category": "external",
"summary": "1720187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1720187"
},
{
"category": "external",
"summary": "1720640",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1720640"
},
{
"category": "external",
"summary": "1722197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1722197"
},
{
"category": "external",
"summary": "1723420",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1723420"
},
{
"category": "external",
"summary": "1723899",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1723899"
},
{
"category": "external",
"summary": "1724496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1724496"
},
{
"category": "external",
"summary": "1725838",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725838"
},
{
"category": "external",
"summary": "1726844",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1726844"
},
{
"category": "external",
"summary": "1727131",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1727131"
},
{
"category": "external",
"summary": "1728740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728740"
},
{
"category": "external",
"summary": "1728774",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728774"
},
{
"category": "external",
"summary": "1729265",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1729265"
},
{
"category": "external",
"summary": "1729953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1729953"
},
{
"category": "external",
"summary": "1730311",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730311"
},
{
"category": "external",
"summary": "1732808",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732808"
},
{
"category": "external",
"summary": "1738664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1738664"
},
{
"category": "external",
"summary": "1740691",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1740691"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhba-2019_4199.json"
}
],
"title": "Red Hat Bug Fix Advisory: CloudForms 5.0 bug fix and enhancement update",
"tracking": {
"current_release_date": "2024-11-15T03:03:13+00:00",
"generator": {
"date": "2024-11-15T03:03:13+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHBA-2019:4199",
"initial_release_date": "2019-12-12T13:34:43+00:00",
"revision_history": [
{
"date": "2019-12-12T13:34:43+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-12-12T13:34:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-15T03:03:13+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CloudForms Management Engine 5.11",
"product": {
"name": "CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:cloudforms_managementengine:5.11::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat CloudForms"
},
{
"branches": [
{
"category": "product_version",
"name": "python-colorama-0:0.4.1-1.el8ost.src",
"product": {
"name": "python-colorama-0:0.4.1-1.el8ost.src",
"product_id": "python-colorama-0:0.4.1-1.el8ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-colorama@0.4.1-1.el8ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-funcsigs-0:1.0.2-3.el8ost.src",
"product": {
"name": "python-funcsigs-0:1.0.2-3.el8ost.src",
"product_id": "python-funcsigs-0:1.0.2-3.el8ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-funcsigs@1.0.2-3.el8ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-mock-0:2.0.0-11.el8ost.src",
"product": {
"name": "python-mock-0:2.0.0-11.el8ost.src",
"product_id": "python-mock-0:2.0.0-11.el8ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-mock@2.0.0-11.el8ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pbr-0:5.1.2-2.el8ost.src",
"product": {
"name": "python-pbr-0:5.1.2-2.el8ost.src",
"product_id": "python-pbr-0:5.1.2-2.el8ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pbr@5.1.2-2.el8ost?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-ffi-0:1.9.25-1.el8cf.src",
"product": {
"name": "rubygem-ffi-0:1.9.25-1.el8cf.src",
"product_id": "rubygem-ffi-0:1.9.25-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ffi@1.9.25-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-hamlit-0:2.8.10-1.el8cf.src",
"product": {
"name": "rubygem-hamlit-0:2.8.10-1.el8cf.src",
"product_id": "rubygem-hamlit-0:2.8.10-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-hamlit@2.8.10-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"product": {
"name": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"product_id": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-http_parser.rb@0.6.0-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"product": {
"name": "rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"product_id": "rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-linux_block_device@0.2.1-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"product": {
"name": "rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"product_id": "rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-memory_buffer@0.1.0-2.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"product": {
"name": "rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"product_id": "rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nokogiri@1.8.5-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-puma-0:3.7.1-1.el8cf.src",
"product": {
"name": "rubygem-puma-0:3.7.1-1.el8cf.src",
"product_id": "rubygem-puma-0:3.7.1-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-puma@3.7.1-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-sassc-0:2.0.1-1.el8cf.src",
"product": {
"name": "rubygem-sassc-0:2.0.1-1.el8cf.src",
"product_id": "rubygem-sassc-0:2.0.1-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sassc@2.0.1-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"product": {
"name": "rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"product_id": "rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sqlite3@1.3.13-2.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"product": {
"name": "rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"product_id": "rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-surro-gate@1.0.5-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"product": {
"name": "rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"product_id": "rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-websocket-driver@0.6.5-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "smem-0:1.4-1.el8cf.src",
"product": {
"name": "smem-0:1.4-1.el8cf.src",
"product_id": "smem-0:1.4-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/smem@1.4-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "wmi-0:1.3.14-8.el8cf.src",
"product": {
"name": "wmi-0:1.3.14-8.el8cf.src",
"product_id": "wmi-0:1.3.14-8.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/wmi@1.3.14-8.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-future-0:0.16.0-1.el8cf.src",
"product": {
"name": "python-future-0:0.16.0-1.el8cf.src",
"product_id": "python-future-0:0.16.0-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-future@0.16.0-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-bambou-0:3.0.1-2.el8cf.src",
"product": {
"name": "python-bambou-0:3.0.1-2.el8cf.src",
"product_id": "python-bambou-0:3.0.1-2.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-bambou@3.0.1-2.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"product": {
"name": "python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"product_id": "python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-requests-toolbelt@0.8.0-2.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pylxca-0:2.1.1-2.el8cf.src",
"product": {
"name": "python-pylxca-0:2.1.1-2.el8cf.src",
"product_id": "python-pylxca-0:2.1.1-2.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pylxca@2.1.1-2.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-tabulate-0:0.8.2-1.el8cf.src",
"product": {
"name": "python-tabulate-0:0.8.2-1.el8cf.src",
"product_id": "python-tabulate-0:0.8.2-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-tabulate@0.8.2-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-vspk-0:5.3.2-2.el8cf.src",
"product": {
"name": "python-vspk-0:5.3.2-2.el8cf.src",
"product_id": "python-vspk-0:5.3.2-2.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-vspk@5.3.2-2.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "prince-0:12.4-1.el8cf.src",
"product": {
"name": "prince-0:12.4-1.el8cf.src",
"product_id": "prince-0:12.4-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prince@12.4-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "ansible-runner-0:1.3.4-2.el8ar.src",
"product": {
"name": "ansible-runner-0:1.3.4-2.el8ar.src",
"product_id": "ansible-runner-0:1.3.4-2.el8ar.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-runner@1.3.4-2.el8ar?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-daemon-0:2.1.2-9.el8ar.src",
"product": {
"name": "python-daemon-0:2.1.2-9.el8ar.src",
"product_id": "python-daemon-0:2.1.2-9.el8ar.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-daemon@2.1.2-9.el8ar?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-pexpect-0:4.6-2.el8ar.src",
"product": {
"name": "python-pexpect-0:4.6-2.el8ar.src",
"product_id": "python-pexpect-0:4.6-2.el8ar.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-pexpect@4.6-2.el8ar?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-psutil-0:5.4.3-5.el8ar.src",
"product": {
"name": "python-psutil-0:5.4.3-5.el8ar.src",
"product_id": "python-psutil-0:5.4.3-5.el8ar.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-psutil@5.4.3-5.el8ar?arch=src"
}
}
},
{
"category": "product_version",
"name": "repmgr10-0:4.0.6-3.el8cf.src",
"product": {
"name": "repmgr10-0:4.0.6-3.el8cf.src",
"product_id": "repmgr10-0:4.0.6-3.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/repmgr10@4.0.6-3.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-0:0.28.0-1.el8.src",
"product": {
"name": "qpid-proton-0:0.28.0-1.el8.src",
"product_id": "qpid-proton-0:0.28.0-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton@0.28.0-1.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"product": {
"name": "rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"product_id": "rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-qpid_proton@0.26.0-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"product": {
"name": "rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"product_id": "rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-escape_utils@1.2.1-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "v2v-conversion-host-0:1.14.2-1.el8ev.src",
"product": {
"name": "v2v-conversion-host-0:1.14.2-1.el8ev.src",
"product_id": "v2v-conversion-host-0:1.14.2-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v2v-conversion-host@1.14.2-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-lockfile-1:0.11.0-8.el8ar.src",
"product": {
"name": "python-lockfile-1:0.11.0-8.el8ar.src",
"product_id": "python-lockfile-1:0.11.0-8.el8ar.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-lockfile@0.11.0-8.el8ar?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"product": {
"name": "rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"product_id": "rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-bcrypt@3.1.13-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-nio4r-0:2.4.0-1.el8cf.src",
"product": {
"name": "rubygem-nio4r-0:2.4.0-1.el8cf.src",
"product_id": "rubygem-nio4r-0:2.4.0-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nio4r@2.4.0-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"product": {
"name": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"product_id": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-unf_ext@0.0.7.6-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-byebug-0:11.0.1-1.el8cf.src",
"product": {
"name": "rubygem-byebug-0:11.0.1-1.el8cf.src",
"product_id": "rubygem-byebug-0:11.0.1-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-byebug@11.0.1-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"product": {
"name": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"product_id": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-cluster-upgrade@1.1.13-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"product": {
"name": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"product_id": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-disaster-recovery@1.2.0-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"product": {
"name": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"product_id": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-engine-setup@1.1.9-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"product": {
"name": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"product_id": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-hosted-engine-setup@1.0.26-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"product": {
"name": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"product_id": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-image-template@1.1.11-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"product": {
"name": "ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"product_id": "ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-infra@1.1.12-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"product": {
"name": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"product_id": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-manageiq@1.1.14-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"product": {
"name": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"product_id": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-repositories@1.1.5-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"product": {
"name": "ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"product_id": "ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-roles@1.1.7-2.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"product": {
"name": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"product_id": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-shutdown-env@1.0.3-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"product": {
"name": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"product_id": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-vm-infra@1.1.19-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"product": {
"name": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"product_id": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ovirt-engine-sdk4@4.3.2-1.el8ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-rugged-0:0.28.2-1.el8cf.src",
"product": {
"name": "rubygem-rugged-0:0.28.2-1.el8cf.src",
"product_id": "rubygem-rugged-0:0.28.2-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rugged@0.28.2-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"product": {
"name": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"product_id": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4@4.3.0-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "cfme-gemset-0:5.11.0.28-1.el8cf.src",
"product": {
"name": "cfme-gemset-0:5.11.0.28-1.el8cf.src",
"product_id": "cfme-gemset-0:5.11.0.28-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-gemset@5.11.0.28-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "cfme-appliance-0:5.11.0.28-1.el8cf.src",
"product": {
"name": "cfme-appliance-0:5.11.0.28-1.el8cf.src",
"product_id": "cfme-appliance-0:5.11.0.28-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-appliance@5.11.0.28-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "cfme-0:5.11.0.28-1.el8cf.src",
"product": {
"name": "cfme-0:5.11.0.28-1.el8cf.src",
"product_id": "cfme-0:5.11.0.28-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme@5.11.0.28-1.el8cf?arch=src"
}
}
},
{
"category": "product_version",
"name": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"product": {
"name": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"product_id": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-amazon-smartstate@5.11.0.28-1.el8cf?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python3-colorama-0:0.4.1-1.el8ost.noarch",
"product": {
"name": "python3-colorama-0:0.4.1-1.el8ost.noarch",
"product_id": "python3-colorama-0:0.4.1-1.el8ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-colorama@0.4.1-1.el8ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"product": {
"name": "python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"product_id": "python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-funcsigs@1.0.2-3.el8ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-mock-0:2.0.0-11.el8ost.noarch",
"product": {
"name": "python3-mock-0:2.0.0-11.el8ost.noarch",
"product_id": "python3-mock-0:2.0.0-11.el8ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-mock@2.0.0-11.el8ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-pbr-0:5.1.2-2.el8ost.noarch",
"product": {
"name": "python3-pbr-0:5.1.2-2.el8ost.noarch",
"product_id": "python3-pbr-0:5.1.2-2.el8ost.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pbr@5.1.2-2.el8ost?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"product": {
"name": "rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"product_id": "rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ffi-doc@1.9.25-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"product": {
"name": "rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"product_id": "rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-hamlit-doc@2.8.10-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"product": {
"name": "rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"product_id": "rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-http_parser.rb-doc@0.6.0-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"product": {
"name": "rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"product_id": "rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-linux_block_device-doc@0.2.1-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"product": {
"name": "rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"product_id": "rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-memory_buffer-doc@0.1.0-2.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"product": {
"name": "rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"product_id": "rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-puma-doc@3.7.1-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"product": {
"name": "rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"product_id": "rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sassc-doc@2.0.1-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"product": {
"name": "rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"product_id": "rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sqlite3-doc@1.3.13-2.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"product": {
"name": "rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"product_id": "rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-surro-gate-doc@1.0.5-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"product": {
"name": "rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"product_id": "rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-websocket-driver-doc@0.6.5-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "smem-0:1.4-1.el8cf.noarch",
"product": {
"name": "smem-0:1.4-1.el8cf.noarch",
"product_id": "smem-0:1.4-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/smem@1.4-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-future-0:0.16.0-1.el8cf.noarch",
"product": {
"name": "python3-future-0:0.16.0-1.el8cf.noarch",
"product_id": "python3-future-0:0.16.0-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-future@0.16.0-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-bambou-0:3.0.1-2.el8cf.noarch",
"product": {
"name": "python3-bambou-0:3.0.1-2.el8cf.noarch",
"product_id": "python3-bambou-0:3.0.1-2.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-bambou@3.0.1-2.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"product": {
"name": "python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"product_id": "python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-requests-toolbelt@0.8.0-2.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-pylxca-0:2.1.1-2.el8cf.noarch",
"product": {
"name": "python3-pylxca-0:2.1.1-2.el8cf.noarch",
"product_id": "python3-pylxca-0:2.1.1-2.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pylxca@2.1.1-2.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-tabulate-0:0.8.2-1.el8cf.noarch",
"product": {
"name": "python3-tabulate-0:0.8.2-1.el8cf.noarch",
"product_id": "python3-tabulate-0:0.8.2-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-tabulate@0.8.2-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-vspk-0:5.3.2-2.el8cf.noarch",
"product": {
"name": "python3-vspk-0:5.3.2-2.el8cf.noarch",
"product_id": "python3-vspk-0:5.3.2-2.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-vspk@5.3.2-2.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ansible-runner-0:1.3.4-2.el8ar.noarch",
"product": {
"name": "ansible-runner-0:1.3.4-2.el8ar.noarch",
"product_id": "ansible-runner-0:1.3.4-2.el8ar.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-runner@1.3.4-2.el8ar?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"product": {
"name": "python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"product_id": "python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ansible-runner@1.3.4-2.el8ar?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-daemon-0:2.1.2-9.el8ar.noarch",
"product": {
"name": "python3-daemon-0:2.1.2-9.el8ar.noarch",
"product_id": "python3-daemon-0:2.1.2-9.el8ar.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-daemon@2.1.2-9.el8ar?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-pexpect-0:4.6-2.el8ar.noarch",
"product": {
"name": "python3-pexpect-0:4.6-2.el8ar.noarch",
"product_id": "python3-pexpect-0:4.6-2.el8ar.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-pexpect@4.6-2.el8ar?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"product": {
"name": "qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"product_id": "qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c-docs@0.28.0-1.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"product": {
"name": "rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"product_id": "rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-qpid_proton-doc@0.26.0-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"product": {
"name": "rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"product_id": "rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-escape_utils-doc@1.2.1-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"product": {
"name": "v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"product_id": "v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/v2v-conversion-host-ansible@1.14.2-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-lockfile-1:0.11.0-8.el8ar.noarch",
"product": {
"name": "python3-lockfile-1:0.11.0-8.el8ar.noarch",
"product_id": "python3-lockfile-1:0.11.0-8.el8ar.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-lockfile@0.11.0-8.el8ar?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"product": {
"name": "rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"product_id": "rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-bcrypt-doc@3.1.13-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"product": {
"name": "rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"product_id": "rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nio4r-doc@2.4.0-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"product": {
"name": "rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"product_id": "rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-unf_ext-doc@0.0.7.6-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"product": {
"name": "rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"product_id": "rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-byebug-doc@11.0.1-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"product_id": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-cluster-upgrade@1.1.13-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"product_id": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-disaster-recovery@1.2.0-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"product_id": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-engine-setup@1.1.9-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"product_id": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-hosted-engine-setup@1.0.26-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"product_id": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-image-template@1.1.11-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"product_id": "ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-infra@1.1.12-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"product_id": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-manageiq@1.1.14-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"product_id": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-repositories@1.1.5-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"product": {
"name": "ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"product_id": "ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-roles@1.1.7-2.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"product_id": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-shutdown-env@1.0.3-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"product": {
"name": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"product_id": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovirt-ansible-vm-infra@1.1.19-1.el8ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"product": {
"name": "rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"product_id": "rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rugged-doc@0.28.2-1.el8cf?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"product": {
"name": "rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"product_id": "rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4-doc@4.3.0-1.el8cf?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"product": {
"name": "rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"product_id": "rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ffi@1.9.25-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"product": {
"name": "rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"product_id": "rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ffi-debugsource@1.9.25-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"product": {
"name": "rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"product_id": "rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ffi-debuginfo@1.9.25-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"product": {
"name": "rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"product_id": "rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-hamlit@2.8.10-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"product": {
"name": "rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"product_id": "rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-hamlit-debugsource@2.8.10-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"product": {
"name": "rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"product_id": "rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-hamlit-debuginfo@2.8.10-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"product_id": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-http_parser.rb@0.6.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"product_id": "rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-http_parser.rb-debugsource@0.6.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"product_id": "rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-http_parser.rb-debuginfo@0.6.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"product_id": "rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-linux_block_device@0.2.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"product_id": "rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-linux_block_device-debugsource@0.2.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"product_id": "rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-linux_block_device-debuginfo@0.2.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"product": {
"name": "rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"product_id": "rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-memory_buffer@0.1.0-2.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"product": {
"name": "rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"product_id": "rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-memory_buffer-debugsource@0.1.0-2.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"product": {
"name": "rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"product_id": "rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-memory_buffer-debuginfo@0.1.0-2.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"product_id": "rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nokogiri@1.8.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"product_id": "rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nokogiri-doc@1.8.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"product_id": "rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nokogiri-debugsource@1.8.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"product_id": "rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nokogiri-debuginfo@1.8.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"product_id": "rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-puma@3.7.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"product_id": "rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-puma-debugsource@3.7.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"product_id": "rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-puma-debuginfo@3.7.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"product_id": "rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sassc@2.0.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"product_id": "rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sassc-debugsource@2.0.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"product_id": "rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sassc-debuginfo@2.0.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"product": {
"name": "rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"product_id": "rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sqlite3@1.3.13-2.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"product": {
"name": "rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"product_id": "rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sqlite3-debugsource@1.3.13-2.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"product": {
"name": "rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"product_id": "rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-sqlite3-debuginfo@1.3.13-2.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"product_id": "rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-surro-gate@1.0.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"product_id": "rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-surro-gate-debugsource@1.0.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"product_id": "rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-surro-gate-debuginfo@1.0.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"product_id": "rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-websocket-driver@0.6.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"product_id": "rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-websocket-driver-debugsource@0.6.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"product": {
"name": "rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"product_id": "rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-websocket-driver-debuginfo@0.6.5-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "wmi-0:1.3.14-8.el8cf.x86_64",
"product": {
"name": "wmi-0:1.3.14-8.el8cf.x86_64",
"product_id": "wmi-0:1.3.14-8.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/wmi@1.3.14-8.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "wmi-debugsource-0:1.3.14-8.el8cf.x86_64",
"product": {
"name": "wmi-debugsource-0:1.3.14-8.el8cf.x86_64",
"product_id": "wmi-debugsource-0:1.3.14-8.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/wmi-debugsource@1.3.14-8.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"product": {
"name": "wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"product_id": "wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/wmi-debuginfo@1.3.14-8.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "prince-0:12.4-1.el8cf.x86_64",
"product": {
"name": "prince-0:12.4-1.el8cf.x86_64",
"product_id": "prince-0:12.4-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prince@12.4-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-psutil-0:5.4.3-5.el8ar.x86_64",
"product": {
"name": "python3-psutil-0:5.4.3-5.el8ar.x86_64",
"product_id": "python3-psutil-0:5.4.3-5.el8ar.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-psutil@5.4.3-5.el8ar?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"product": {
"name": "python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"product_id": "python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-psutil-debugsource@5.4.3-5.el8ar?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"product": {
"name": "python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"product_id": "python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-psutil-debuginfo@5.4.3-5.el8ar?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "repmgr10-0:4.0.6-3.el8cf.x86_64",
"product": {
"name": "repmgr10-0:4.0.6-3.el8cf.x86_64",
"product_id": "repmgr10-0:4.0.6-3.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/repmgr10@4.0.6-3.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"product": {
"name": "repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"product_id": "repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/repmgr10-debugsource@4.0.6-3.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"product": {
"name": "repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"product_id": "repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/repmgr10-debuginfo@4.0.6-3.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-0:0.28.0-1.el8.x86_64",
"product": {
"name": "qpid-proton-c-0:0.28.0-1.el8.x86_64",
"product_id": "qpid-proton-c-0:0.28.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c@0.28.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"product": {
"name": "qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"product_id": "qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c-devel@0.28.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"product": {
"name": "qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"product_id": "qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-debugsource@0.28.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"product": {
"name": "python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"product_id": "python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-qpid-proton-debuginfo@0.28.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"product": {
"name": "qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"product_id": "qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-c-debuginfo@0.28.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"product": {
"name": "qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"product_id": "qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-cpp-debuginfo@0.28.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"product": {
"name": "qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"product_id": "qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/qpid-proton-debuginfo@0.28.0-1.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"product_id": "rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-qpid_proton@0.26.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"product_id": "rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-qpid_proton-debugsource@0.26.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"product_id": "rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-qpid_proton-debuginfo@0.26.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"product_id": "rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-escape_utils@1.2.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"product_id": "rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-escape_utils-debugsource@1.2.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"product_id": "rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-escape_utils-debuginfo@1.2.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"product": {
"name": "rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"product_id": "rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-bcrypt@3.1.13-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"product": {
"name": "rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"product_id": "rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-bcrypt-debugsource@3.1.13-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"product": {
"name": "rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"product_id": "rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-bcrypt-debuginfo@3.1.13-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"product_id": "rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nio4r@2.4.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"product_id": "rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nio4r-debugsource@2.4.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"product_id": "rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-nio4r-debuginfo@2.4.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"product": {
"name": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"product_id": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-unf_ext@0.0.7.6-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"product": {
"name": "rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"product_id": "rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-unf_ext-debugsource@0.0.7.6-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"product": {
"name": "rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"product_id": "rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-unf_ext-debuginfo@0.0.7.6-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"product_id": "rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-byebug@11.0.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"product_id": "rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-byebug-debugsource@11.0.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"product": {
"name": "rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"product_id": "rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-byebug-debuginfo@11.0.1-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"product": {
"name": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"product_id": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ovirt-engine-sdk4@4.3.2-1.el8ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"product": {
"name": "python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"product_id": "python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ovirt-engine-sdk4-debugsource@4.3.2-1.el8ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"product": {
"name": "python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"product_id": "python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-ovirt-engine-sdk4-debuginfo@4.3.2-1.el8ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"product": {
"name": "rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"product_id": "rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rugged@0.28.2-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"product": {
"name": "rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"product_id": "rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rugged-debugsource@0.28.2-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"product": {
"name": "rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"product_id": "rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rugged-debuginfo@0.28.2-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"product_id": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4@4.3.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"product_id": "rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4-debugsource@4.3.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"product": {
"name": "rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"product_id": "rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-ovirt-engine-sdk4-debuginfo@4.3.0-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"product": {
"name": "ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"product_id": "ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-tower-venv-ansible@3.5.2-1.el8at?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"product": {
"name": "cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"product_id": "cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-gemset@5.11.0.28-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"product": {
"name": "cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"product_id": "cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-appliance@5.11.0.28-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"product": {
"name": "cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"product_id": "cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-appliance-common@5.11.0.28-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"product": {
"name": "cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"product_id": "cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-appliance-tools@5.11.0.28-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-0:5.11.0.28-1.el8cf.x86_64",
"product": {
"name": "cfme-0:5.11.0.28-1.el8cf.x86_64",
"product_id": "cfme-0:5.11.0.28-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme@5.11.0.28-1.el8cf?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"product": {
"name": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"product_id": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cfme-amazon-smartstate@5.11.0.28-1.el8cf?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-runner-0:1.3.4-2.el8ar.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.noarch"
},
"product_reference": "ansible-runner-0:1.3.4-2.el8ar.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-runner-0:1.3.4-2.el8ar.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.src"
},
"product_reference": "ansible-runner-0:1.3.4-2.el8ar.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64"
},
"product_reference": "ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-0:5.11.0.28-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.src"
},
"product_reference": "cfme-0:5.11.0.28-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-0:5.11.0.28-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.x86_64"
},
"product_reference": "cfme-0:5.11.0.28-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src"
},
"product_reference": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64"
},
"product_reference": "cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-appliance-0:5.11.0.28-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.src"
},
"product_reference": "cfme-appliance-0:5.11.0.28-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-appliance-0:5.11.0.28-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.x86_64"
},
"product_reference": "cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64"
},
"product_reference": "cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64"
},
"product_reference": "cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-gemset-0:5.11.0.28-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.src"
},
"product_reference": "cfme-gemset-0:5.11.0.28-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cfme-gemset-0:5.11.0.28-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.x86_64"
},
"product_reference": "cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src"
},
"product_reference": "ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src"
},
"product_reference": "ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src"
},
"product_reference": "ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src"
},
"product_reference": "ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.src"
},
"product_reference": "ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-infra-0:1.1.12-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.src"
},
"product_reference": "ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src"
},
"product_reference": "ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.src"
},
"product_reference": "ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch"
},
"product_reference": "ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-roles-0:1.1.7-2.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.src"
},
"product_reference": "ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src"
},
"product_reference": "ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch"
},
"product_reference": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src"
},
"product_reference": "ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prince-0:12.4-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:prince-0:12.4-1.el8cf.src"
},
"product_reference": "prince-0:12.4-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prince-0:12.4-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:prince-0:12.4-1.el8cf.x86_64"
},
"product_reference": "prince-0:12.4-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-bambou-0:3.0.1-2.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-bambou-0:3.0.1-2.el8cf.src"
},
"product_reference": "python-bambou-0:3.0.1-2.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-colorama-0:0.4.1-1.el8ost.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-colorama-0:0.4.1-1.el8ost.src"
},
"product_reference": "python-colorama-0:0.4.1-1.el8ost.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-daemon-0:2.1.2-9.el8ar.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-daemon-0:2.1.2-9.el8ar.src"
},
"product_reference": "python-daemon-0:2.1.2-9.el8ar.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-funcsigs-0:1.0.2-3.el8ost.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-funcsigs-0:1.0.2-3.el8ost.src"
},
"product_reference": "python-funcsigs-0:1.0.2-3.el8ost.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-future-0:0.16.0-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-future-0:0.16.0-1.el8cf.src"
},
"product_reference": "python-future-0:0.16.0-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-lockfile-1:0.11.0-8.el8ar.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-lockfile-1:0.11.0-8.el8ar.src"
},
"product_reference": "python-lockfile-1:0.11.0-8.el8ar.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-mock-0:2.0.0-11.el8ost.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-mock-0:2.0.0-11.el8ost.src"
},
"product_reference": "python-mock-0:2.0.0-11.el8ost.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pbr-0:5.1.2-2.el8ost.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-pbr-0:5.1.2-2.el8ost.src"
},
"product_reference": "python-pbr-0:5.1.2-2.el8ost.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pexpect-0:4.6-2.el8ar.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-pexpect-0:4.6-2.el8ar.src"
},
"product_reference": "python-pexpect-0:4.6-2.el8ar.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-psutil-0:5.4.3-5.el8ar.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-psutil-0:5.4.3-5.el8ar.src"
},
"product_reference": "python-psutil-0:5.4.3-5.el8ar.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64"
},
"product_reference": "python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-pylxca-0:2.1.1-2.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-pylxca-0:2.1.1-2.el8cf.src"
},
"product_reference": "python-pylxca-0:2.1.1-2.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-requests-toolbelt-0:0.8.0-2.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-requests-toolbelt-0:0.8.0-2.el8cf.src"
},
"product_reference": "python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-tabulate-0:0.8.2-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-tabulate-0:0.8.2-1.el8cf.src"
},
"product_reference": "python-tabulate-0:0.8.2-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-vspk-0:5.3.2-2.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python-vspk-0:5.3.2-2.el8cf.src"
},
"product_reference": "python-vspk-0:5.3.2-2.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ansible-runner-0:1.3.4-2.el8ar.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-ansible-runner-0:1.3.4-2.el8ar.noarch"
},
"product_reference": "python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-bambou-0:3.0.1-2.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-bambou-0:3.0.1-2.el8cf.noarch"
},
"product_reference": "python3-bambou-0:3.0.1-2.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-colorama-0:0.4.1-1.el8ost.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-colorama-0:0.4.1-1.el8ost.noarch"
},
"product_reference": "python3-colorama-0:0.4.1-1.el8ost.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-daemon-0:2.1.2-9.el8ar.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-daemon-0:2.1.2-9.el8ar.noarch"
},
"product_reference": "python3-daemon-0:2.1.2-9.el8ar.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-funcsigs-0:1.0.2-3.el8ost.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-funcsigs-0:1.0.2-3.el8ost.noarch"
},
"product_reference": "python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-future-0:0.16.0-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-future-0:0.16.0-1.el8cf.noarch"
},
"product_reference": "python3-future-0:0.16.0-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-lockfile-1:0.11.0-8.el8ar.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-lockfile-1:0.11.0-8.el8ar.noarch"
},
"product_reference": "python3-lockfile-1:0.11.0-8.el8ar.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-mock-0:2.0.0-11.el8ost.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-mock-0:2.0.0-11.el8ost.noarch"
},
"product_reference": "python3-mock-0:2.0.0-11.el8ost.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src"
},
"product_reference": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64"
},
"product_reference": "python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64"
},
"product_reference": "python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64"
},
"product_reference": "python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pbr-0:5.1.2-2.el8ost.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-pbr-0:5.1.2-2.el8ost.noarch"
},
"product_reference": "python3-pbr-0:5.1.2-2.el8ost.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pexpect-0:4.6-2.el8ar.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-pexpect-0:4.6-2.el8ar.noarch"
},
"product_reference": "python3-pexpect-0:4.6-2.el8ar.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-psutil-0:5.4.3-5.el8ar.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-psutil-0:5.4.3-5.el8ar.x86_64"
},
"product_reference": "python3-psutil-0:5.4.3-5.el8ar.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64"
},
"product_reference": "python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-pylxca-0:2.1.1-2.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-pylxca-0:2.1.1-2.el8cf.noarch"
},
"product_reference": "python3-pylxca-0:2.1.1-2.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64"
},
"product_reference": "python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch"
},
"product_reference": "python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tabulate-0:0.8.2-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-tabulate-0:0.8.2-1.el8cf.noarch"
},
"product_reference": "python3-tabulate-0:0.8.2-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-vspk-0:5.3.2-2.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:python3-vspk-0:5.3.2-2.el8cf.noarch"
},
"product_reference": "python3-vspk-0:5.3.2-2.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-0:0.28.0-1.el8.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:qpid-proton-0:0.28.0-1.el8.src"
},
"product_reference": "qpid-proton-0:0.28.0-1.el8.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-0:0.28.0-1.el8.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:qpid-proton-c-0:0.28.0-1.el8.x86_64"
},
"product_reference": "qpid-proton-c-0:0.28.0-1.el8.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64"
},
"product_reference": "qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-devel-0:0.28.0-1.el8.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:qpid-proton-c-devel-0:0.28.0-1.el8.x86_64"
},
"product_reference": "qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-c-docs-0:0.28.0-1.el8.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:qpid-proton-c-docs-0:0.28.0-1.el8.noarch"
},
"product_reference": "qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64"
},
"product_reference": "qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64"
},
"product_reference": "qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "qpid-proton-debugsource-0:0.28.0-1.el8.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:qpid-proton-debugsource-0:0.28.0-1.el8.x86_64"
},
"product_reference": "qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "repmgr10-0:4.0.6-3.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.src"
},
"product_reference": "repmgr10-0:4.0.6-3.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "repmgr10-0:4.0.6-3.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.x86_64"
},
"product_reference": "repmgr10-0:4.0.6-3.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64"
},
"product_reference": "repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64"
},
"product_reference": "repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-bcrypt-0:3.1.13-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.src"
},
"product_reference": "rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64"
},
"product_reference": "rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64"
},
"product_reference": "rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64"
},
"product_reference": "rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch"
},
"product_reference": "rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-byebug-0:11.0.1-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.src"
},
"product_reference": "rubygem-byebug-0:11.0.1-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-byebug-0:11.0.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch"
},
"product_reference": "rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-escape_utils-0:1.2.1-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.src"
},
"product_reference": "rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch"
},
"product_reference": "rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ffi-0:1.9.25-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.src"
},
"product_reference": "rubygem-ffi-0:1.9.25-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ffi-0:1.9.25-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.x86_64"
},
"product_reference": "rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64"
},
"product_reference": "rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64"
},
"product_reference": "rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch"
},
"product_reference": "rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-hamlit-0:2.8.10-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.src"
},
"product_reference": "rubygem-hamlit-0:2.8.10-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-hamlit-0:2.8.10-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.x86_64"
},
"product_reference": "rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64"
},
"product_reference": "rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64"
},
"product_reference": "rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch"
},
"product_reference": "rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.src"
},
"product_reference": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch"
},
"product_reference": "rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-linux_block_device-0:0.2.1-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.src"
},
"product_reference": "rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch"
},
"product_reference": "rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-memory_buffer-0:0.1.0-2.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.src"
},
"product_reference": "rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64"
},
"product_reference": "rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64"
},
"product_reference": "rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64"
},
"product_reference": "rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch"
},
"product_reference": "rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nio4r-0:2.4.0-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.src"
},
"product_reference": "rubygem-nio4r-0:2.4.0-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nio4r-0:2.4.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch"
},
"product_reference": "rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nokogiri-0:1.8.5-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.src"
},
"product_reference": "rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src"
},
"product_reference": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch"
},
"product_reference": "rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-puma-0:3.7.1-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.src"
},
"product_reference": "rubygem-puma-0:3.7.1-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-puma-0:3.7.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-puma-doc-0:3.7.1-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-puma-doc-0:3.7.1-1.el8cf.noarch"
},
"product_reference": "rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-qpid_proton-0:0.26.0-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.src"
},
"product_reference": "rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64"
},
"product_reference": "rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch"
},
"product_reference": "rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rugged-0:0.28.2-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.src"
},
"product_reference": "rubygem-rugged-0:0.28.2-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rugged-0:0.28.2-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.x86_64"
},
"product_reference": "rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64"
},
"product_reference": "rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64"
},
"product_reference": "rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch"
},
"product_reference": "rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sassc-0:2.0.1-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.src"
},
"product_reference": "rubygem-sassc-0:2.0.1-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sassc-0:2.0.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64"
},
"product_reference": "rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch"
},
"product_reference": "rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sqlite3-0:1.3.13-2.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.src"
},
"product_reference": "rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64"
},
"product_reference": "rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64"
},
"product_reference": "rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64"
},
"product_reference": "rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch"
},
"product_reference": "rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-surro-gate-0:1.0.5-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.src"
},
"product_reference": "rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch"
},
"product_reference": "rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.src"
},
"product_reference": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64"
},
"product_reference": "rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64"
},
"product_reference": "rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64"
},
"product_reference": "rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch"
},
"product_reference": "rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-websocket-driver-0:0.6.5-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.src"
},
"product_reference": "rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64"
},
"product_reference": "rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch"
},
"product_reference": "rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "smem-0:1.4-1.el8cf.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:smem-0:1.4-1.el8cf.noarch"
},
"product_reference": "smem-0:1.4-1.el8cf.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "smem-0:1.4-1.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:smem-0:1.4-1.el8cf.src"
},
"product_reference": "smem-0:1.4-1.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v2v-conversion-host-0:1.14.2-1.el8ev.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:v2v-conversion-host-0:1.14.2-1.el8ev.src"
},
"product_reference": "v2v-conversion-host-0:1.14.2-1.el8ev.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch"
},
"product_reference": "v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wmi-0:1.3.14-8.el8cf.src as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.src"
},
"product_reference": "wmi-0:1.3.14-8.el8cf.src",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wmi-0:1.3.14-8.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.x86_64"
},
"product_reference": "wmi-0:1.3.14-8.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wmi-debuginfo-0:1.3.14-8.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:wmi-debuginfo-0:1.3.14-8.el8cf.x86_64"
},
"product_reference": "wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "wmi-debugsource-0:1.3.14-8.el8cf.x86_64 as a component of CloudForms Management Engine 5.11",
"product_id": "8Base-CFME-5.11:wmi-debugsource-0:1.3.14-8.el8cf.x86_64"
},
"product_reference": "wmi-debugsource-0:1.3.14-8.el8cf.x86_64",
"relates_to_product_reference": "8Base-CFME-5.11"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-01-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1668097"
}
],
"notes": [
{
"category": "description",
"text": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: XSS in the data-target attribute",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Satellite 5 is now in Maintenance Support 2 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Satellite 5 Life Cycle: https://access.redhat.com/support/policy/updates/satellite.\n\nRed Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.src",
"8Base-CFME-5.11:ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.x86_64",
"8Base-CFME-5.11:python-bambou-0:3.0.1-2.el8cf.src",
"8Base-CFME-5.11:python-colorama-0:0.4.1-1.el8ost.src",
"8Base-CFME-5.11:python-daemon-0:2.1.2-9.el8ar.src",
"8Base-CFME-5.11:python-funcsigs-0:1.0.2-3.el8ost.src",
"8Base-CFME-5.11:python-future-0:0.16.0-1.el8cf.src",
"8Base-CFME-5.11:python-lockfile-1:0.11.0-8.el8ar.src",
"8Base-CFME-5.11:python-mock-0:2.0.0-11.el8ost.src",
"8Base-CFME-5.11:python-pbr-0:5.1.2-2.el8ost.src",
"8Base-CFME-5.11:python-pexpect-0:4.6-2.el8ar.src",
"8Base-CFME-5.11:python-psutil-0:5.4.3-5.el8ar.src",
"8Base-CFME-5.11:python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python-pylxca-0:2.1.1-2.el8cf.src",
"8Base-CFME-5.11:python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"8Base-CFME-5.11:python-tabulate-0:0.8.2-1.el8cf.src",
"8Base-CFME-5.11:python-vspk-0:5.3.2-2.el8cf.src",
"8Base-CFME-5.11:python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:python3-bambou-0:3.0.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-colorama-0:0.4.1-1.el8ost.noarch",
"8Base-CFME-5.11:python3-daemon-0:2.1.2-9.el8ar.noarch",
"8Base-CFME-5.11:python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"8Base-CFME-5.11:python3-future-0:0.16.0-1.el8cf.noarch",
"8Base-CFME-5.11:python3-lockfile-1:0.11.0-8.el8ar.noarch",
"8Base-CFME-5.11:python3-mock-0:2.0.0-11.el8ost.noarch",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-pbr-0:5.1.2-2.el8ost.noarch",
"8Base-CFME-5.11:python3-pexpect-0:4.6-2.el8ar.noarch",
"8Base-CFME-5.11:python3-psutil-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-pylxca-0:2.1.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"8Base-CFME-5.11:python3-tabulate-0:0.8.2-1.el8cf.noarch",
"8Base-CFME-5.11:python3-vspk-0:5.3.2-2.el8cf.noarch",
"8Base-CFME-5.11:qpid-proton-0:0.28.0-1.el8.src",
"8Base-CFME-5.11:qpid-proton-c-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"8Base-CFME-5.11:qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.src",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.src",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.src",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.src",
"8Base-CFME-5.11:v2v-conversion-host-0:1.14.2-1.el8ev.src",
"8Base-CFME-5.11:v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.src",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debugsource-0:1.3.14-8.el8cf.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10735"
},
{
"category": "external",
"summary": "RHBZ#1668097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1668097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
}
],
"release_date": "2016-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-12-12T13:34:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nIf the postgresql service is running, it will be automatically restarted after installing this update. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.src",
"8Base-CFME-5.11:ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.x86_64",
"8Base-CFME-5.11:python-bambou-0:3.0.1-2.el8cf.src",
"8Base-CFME-5.11:python-colorama-0:0.4.1-1.el8ost.src",
"8Base-CFME-5.11:python-daemon-0:2.1.2-9.el8ar.src",
"8Base-CFME-5.11:python-funcsigs-0:1.0.2-3.el8ost.src",
"8Base-CFME-5.11:python-future-0:0.16.0-1.el8cf.src",
"8Base-CFME-5.11:python-lockfile-1:0.11.0-8.el8ar.src",
"8Base-CFME-5.11:python-mock-0:2.0.0-11.el8ost.src",
"8Base-CFME-5.11:python-pbr-0:5.1.2-2.el8ost.src",
"8Base-CFME-5.11:python-pexpect-0:4.6-2.el8ar.src",
"8Base-CFME-5.11:python-psutil-0:5.4.3-5.el8ar.src",
"8Base-CFME-5.11:python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python-pylxca-0:2.1.1-2.el8cf.src",
"8Base-CFME-5.11:python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"8Base-CFME-5.11:python-tabulate-0:0.8.2-1.el8cf.src",
"8Base-CFME-5.11:python-vspk-0:5.3.2-2.el8cf.src",
"8Base-CFME-5.11:python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:python3-bambou-0:3.0.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-colorama-0:0.4.1-1.el8ost.noarch",
"8Base-CFME-5.11:python3-daemon-0:2.1.2-9.el8ar.noarch",
"8Base-CFME-5.11:python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"8Base-CFME-5.11:python3-future-0:0.16.0-1.el8cf.noarch",
"8Base-CFME-5.11:python3-lockfile-1:0.11.0-8.el8ar.noarch",
"8Base-CFME-5.11:python3-mock-0:2.0.0-11.el8ost.noarch",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-pbr-0:5.1.2-2.el8ost.noarch",
"8Base-CFME-5.11:python3-pexpect-0:4.6-2.el8ar.noarch",
"8Base-CFME-5.11:python3-psutil-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-pylxca-0:2.1.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"8Base-CFME-5.11:python3-tabulate-0:0.8.2-1.el8cf.noarch",
"8Base-CFME-5.11:python3-vspk-0:5.3.2-2.el8cf.noarch",
"8Base-CFME-5.11:qpid-proton-0:0.28.0-1.el8.src",
"8Base-CFME-5.11:qpid-proton-c-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"8Base-CFME-5.11:qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.src",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.src",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.src",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.src",
"8Base-CFME-5.11:v2v-conversion-host-0:1.14.2-1.el8ev.src",
"8Base-CFME-5.11:v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.src",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debugsource-0:1.3.14-8.el8cf.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:4199"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.src",
"8Base-CFME-5.11:ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.x86_64",
"8Base-CFME-5.11:python-bambou-0:3.0.1-2.el8cf.src",
"8Base-CFME-5.11:python-colorama-0:0.4.1-1.el8ost.src",
"8Base-CFME-5.11:python-daemon-0:2.1.2-9.el8ar.src",
"8Base-CFME-5.11:python-funcsigs-0:1.0.2-3.el8ost.src",
"8Base-CFME-5.11:python-future-0:0.16.0-1.el8cf.src",
"8Base-CFME-5.11:python-lockfile-1:0.11.0-8.el8ar.src",
"8Base-CFME-5.11:python-mock-0:2.0.0-11.el8ost.src",
"8Base-CFME-5.11:python-pbr-0:5.1.2-2.el8ost.src",
"8Base-CFME-5.11:python-pexpect-0:4.6-2.el8ar.src",
"8Base-CFME-5.11:python-psutil-0:5.4.3-5.el8ar.src",
"8Base-CFME-5.11:python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python-pylxca-0:2.1.1-2.el8cf.src",
"8Base-CFME-5.11:python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"8Base-CFME-5.11:python-tabulate-0:0.8.2-1.el8cf.src",
"8Base-CFME-5.11:python-vspk-0:5.3.2-2.el8cf.src",
"8Base-CFME-5.11:python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:python3-bambou-0:3.0.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-colorama-0:0.4.1-1.el8ost.noarch",
"8Base-CFME-5.11:python3-daemon-0:2.1.2-9.el8ar.noarch",
"8Base-CFME-5.11:python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"8Base-CFME-5.11:python3-future-0:0.16.0-1.el8cf.noarch",
"8Base-CFME-5.11:python3-lockfile-1:0.11.0-8.el8ar.noarch",
"8Base-CFME-5.11:python3-mock-0:2.0.0-11.el8ost.noarch",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-pbr-0:5.1.2-2.el8ost.noarch",
"8Base-CFME-5.11:python3-pexpect-0:4.6-2.el8ar.noarch",
"8Base-CFME-5.11:python3-psutil-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-pylxca-0:2.1.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"8Base-CFME-5.11:python3-tabulate-0:0.8.2-1.el8cf.noarch",
"8Base-CFME-5.11:python3-vspk-0:5.3.2-2.el8cf.noarch",
"8Base-CFME-5.11:qpid-proton-0:0.28.0-1.el8.src",
"8Base-CFME-5.11:qpid-proton-c-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"8Base-CFME-5.11:qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.src",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.src",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.src",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.src",
"8Base-CFME-5.11:v2v-conversion-host-0:1.14.2-1.el8ev.src",
"8Base-CFME-5.11:v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.src",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debugsource-0:1.3.14-8.el8cf.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: XSS in the data-target attribute"
},
{
"cve": "CVE-2019-0223",
"cwe": {
"id": "CWE-300",
"name": "Channel Accessible by Non-Endpoint"
},
"discovery_date": "2019-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1702439"
}
],
"notes": [
{
"category": "description",
"text": "A cryptographic weakness was discovered in qpid-proton\u0027s use of TLS. If the qpid-proton client was used without client certificates, it would accept an anonymous cipher offered by the server. A man-in-the-middle attacker could use this to silently intercept traffic that should have been encrypted.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "qpid-proton: TLS Man in the Middle Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack Platform 14 (and its Operational Tools) is impacted by this flaw; other supported versions are not vulnerable.\n\nRed Hat Virtualization 4 uses qpid-proton for katello-agent, which always uses client certificate authentication.\n\nRed Hat Update Infrastructure 3 is impacted by this flaw, however in its default configuration client certificate authentication is used and qpidd service, which uses qpid-proton, cannot be reach from other machines.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.src",
"8Base-CFME-5.11:ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.x86_64",
"8Base-CFME-5.11:python-bambou-0:3.0.1-2.el8cf.src",
"8Base-CFME-5.11:python-colorama-0:0.4.1-1.el8ost.src",
"8Base-CFME-5.11:python-daemon-0:2.1.2-9.el8ar.src",
"8Base-CFME-5.11:python-funcsigs-0:1.0.2-3.el8ost.src",
"8Base-CFME-5.11:python-future-0:0.16.0-1.el8cf.src",
"8Base-CFME-5.11:python-lockfile-1:0.11.0-8.el8ar.src",
"8Base-CFME-5.11:python-mock-0:2.0.0-11.el8ost.src",
"8Base-CFME-5.11:python-pbr-0:5.1.2-2.el8ost.src",
"8Base-CFME-5.11:python-pexpect-0:4.6-2.el8ar.src",
"8Base-CFME-5.11:python-psutil-0:5.4.3-5.el8ar.src",
"8Base-CFME-5.11:python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python-pylxca-0:2.1.1-2.el8cf.src",
"8Base-CFME-5.11:python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"8Base-CFME-5.11:python-tabulate-0:0.8.2-1.el8cf.src",
"8Base-CFME-5.11:python-vspk-0:5.3.2-2.el8cf.src",
"8Base-CFME-5.11:python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:python3-bambou-0:3.0.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-colorama-0:0.4.1-1.el8ost.noarch",
"8Base-CFME-5.11:python3-daemon-0:2.1.2-9.el8ar.noarch",
"8Base-CFME-5.11:python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"8Base-CFME-5.11:python3-future-0:0.16.0-1.el8cf.noarch",
"8Base-CFME-5.11:python3-lockfile-1:0.11.0-8.el8ar.noarch",
"8Base-CFME-5.11:python3-mock-0:2.0.0-11.el8ost.noarch",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-pbr-0:5.1.2-2.el8ost.noarch",
"8Base-CFME-5.11:python3-pexpect-0:4.6-2.el8ar.noarch",
"8Base-CFME-5.11:python3-psutil-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-pylxca-0:2.1.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"8Base-CFME-5.11:python3-tabulate-0:0.8.2-1.el8cf.noarch",
"8Base-CFME-5.11:python3-vspk-0:5.3.2-2.el8cf.noarch",
"8Base-CFME-5.11:qpid-proton-0:0.28.0-1.el8.src",
"8Base-CFME-5.11:qpid-proton-c-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"8Base-CFME-5.11:qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.src",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.src",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.src",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.src",
"8Base-CFME-5.11:v2v-conversion-host-0:1.14.2-1.el8ev.src",
"8Base-CFME-5.11:v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.src",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debugsource-0:1.3.14-8.el8cf.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-0223"
},
{
"category": "external",
"summary": "RHBZ#1702439",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1702439"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-0223",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0223"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0223",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0223"
},
{
"category": "external",
"summary": "https://qpid.apache.org/cves/CVE-2019-0223.html",
"url": "https://qpid.apache.org/cves/CVE-2019-0223.html"
}
],
"release_date": "2019-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-12-12T13:34:43+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nIf the postgresql service is running, it will be automatically restarted after installing this update. After installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.src",
"8Base-CFME-5.11:ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.x86_64",
"8Base-CFME-5.11:python-bambou-0:3.0.1-2.el8cf.src",
"8Base-CFME-5.11:python-colorama-0:0.4.1-1.el8ost.src",
"8Base-CFME-5.11:python-daemon-0:2.1.2-9.el8ar.src",
"8Base-CFME-5.11:python-funcsigs-0:1.0.2-3.el8ost.src",
"8Base-CFME-5.11:python-future-0:0.16.0-1.el8cf.src",
"8Base-CFME-5.11:python-lockfile-1:0.11.0-8.el8ar.src",
"8Base-CFME-5.11:python-mock-0:2.0.0-11.el8ost.src",
"8Base-CFME-5.11:python-pbr-0:5.1.2-2.el8ost.src",
"8Base-CFME-5.11:python-pexpect-0:4.6-2.el8ar.src",
"8Base-CFME-5.11:python-psutil-0:5.4.3-5.el8ar.src",
"8Base-CFME-5.11:python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python-pylxca-0:2.1.1-2.el8cf.src",
"8Base-CFME-5.11:python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"8Base-CFME-5.11:python-tabulate-0:0.8.2-1.el8cf.src",
"8Base-CFME-5.11:python-vspk-0:5.3.2-2.el8cf.src",
"8Base-CFME-5.11:python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:python3-bambou-0:3.0.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-colorama-0:0.4.1-1.el8ost.noarch",
"8Base-CFME-5.11:python3-daemon-0:2.1.2-9.el8ar.noarch",
"8Base-CFME-5.11:python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"8Base-CFME-5.11:python3-future-0:0.16.0-1.el8cf.noarch",
"8Base-CFME-5.11:python3-lockfile-1:0.11.0-8.el8ar.noarch",
"8Base-CFME-5.11:python3-mock-0:2.0.0-11.el8ost.noarch",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-pbr-0:5.1.2-2.el8ost.noarch",
"8Base-CFME-5.11:python3-pexpect-0:4.6-2.el8ar.noarch",
"8Base-CFME-5.11:python3-psutil-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-pylxca-0:2.1.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"8Base-CFME-5.11:python3-tabulate-0:0.8.2-1.el8cf.noarch",
"8Base-CFME-5.11:python3-vspk-0:5.3.2-2.el8cf.noarch",
"8Base-CFME-5.11:qpid-proton-0:0.28.0-1.el8.src",
"8Base-CFME-5.11:qpid-proton-c-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"8Base-CFME-5.11:qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.src",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.src",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.src",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.src",
"8Base-CFME-5.11:v2v-conversion-host-0:1.14.2-1.el8ev.src",
"8Base-CFME-5.11:v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.src",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debugsource-0:1.3.14-8.el8cf.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:4199"
},
{
"category": "workaround",
"details": "This attack will not work if client-certificate authentication is in place because anonymous ciphers would not then be available.\nAnother possible mitigation is to disable anonymous ciphers on clients.",
"product_ids": [
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.src",
"8Base-CFME-5.11:ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.x86_64",
"8Base-CFME-5.11:python-bambou-0:3.0.1-2.el8cf.src",
"8Base-CFME-5.11:python-colorama-0:0.4.1-1.el8ost.src",
"8Base-CFME-5.11:python-daemon-0:2.1.2-9.el8ar.src",
"8Base-CFME-5.11:python-funcsigs-0:1.0.2-3.el8ost.src",
"8Base-CFME-5.11:python-future-0:0.16.0-1.el8cf.src",
"8Base-CFME-5.11:python-lockfile-1:0.11.0-8.el8ar.src",
"8Base-CFME-5.11:python-mock-0:2.0.0-11.el8ost.src",
"8Base-CFME-5.11:python-pbr-0:5.1.2-2.el8ost.src",
"8Base-CFME-5.11:python-pexpect-0:4.6-2.el8ar.src",
"8Base-CFME-5.11:python-psutil-0:5.4.3-5.el8ar.src",
"8Base-CFME-5.11:python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python-pylxca-0:2.1.1-2.el8cf.src",
"8Base-CFME-5.11:python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"8Base-CFME-5.11:python-tabulate-0:0.8.2-1.el8cf.src",
"8Base-CFME-5.11:python-vspk-0:5.3.2-2.el8cf.src",
"8Base-CFME-5.11:python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:python3-bambou-0:3.0.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-colorama-0:0.4.1-1.el8ost.noarch",
"8Base-CFME-5.11:python3-daemon-0:2.1.2-9.el8ar.noarch",
"8Base-CFME-5.11:python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"8Base-CFME-5.11:python3-future-0:0.16.0-1.el8cf.noarch",
"8Base-CFME-5.11:python3-lockfile-1:0.11.0-8.el8ar.noarch",
"8Base-CFME-5.11:python3-mock-0:2.0.0-11.el8ost.noarch",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-pbr-0:5.1.2-2.el8ost.noarch",
"8Base-CFME-5.11:python3-pexpect-0:4.6-2.el8ar.noarch",
"8Base-CFME-5.11:python3-psutil-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-pylxca-0:2.1.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"8Base-CFME-5.11:python3-tabulate-0:0.8.2-1.el8cf.noarch",
"8Base-CFME-5.11:python3-vspk-0:5.3.2-2.el8cf.noarch",
"8Base-CFME-5.11:qpid-proton-0:0.28.0-1.el8.src",
"8Base-CFME-5.11:qpid-proton-c-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"8Base-CFME-5.11:qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.src",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.src",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.src",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.src",
"8Base-CFME-5.11:v2v-conversion-host-0:1.14.2-1.el8ev.src",
"8Base-CFME-5.11:v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.src",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debugsource-0:1.3.14-8.el8cf.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:ansible-runner-0:1.3.4-2.el8ar.src",
"8Base-CFME-5.11:ansible-tower-venv-ansible-0:3.5.2-1.el8at.x86_64",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-amazon-smartstate-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-appliance-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-common-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-appliance-tools-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.src",
"8Base-CFME-5.11:cfme-gemset-0:5.11.0.28-1.el8cf.x86_64",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-cluster-upgrade-0:1.1.13-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-disaster-recovery-0:1.2.0-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-engine-setup-0:1.1.9-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-hosted-engine-setup-0:1.0.26-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-image-template-0:1.1.11-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-infra-0:1.1.12-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-manageiq-0:1.1.14-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-repositories-0:1.1.5-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-roles-0:1.1.7-2.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-shutdown-env-0:1.0.3-1.el8ev.src",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.noarch",
"8Base-CFME-5.11:ovirt-ansible-vm-infra-0:1.1.19-1.el8ev.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.src",
"8Base-CFME-5.11:prince-0:12.4-1.el8cf.x86_64",
"8Base-CFME-5.11:python-bambou-0:3.0.1-2.el8cf.src",
"8Base-CFME-5.11:python-colorama-0:0.4.1-1.el8ost.src",
"8Base-CFME-5.11:python-daemon-0:2.1.2-9.el8ar.src",
"8Base-CFME-5.11:python-funcsigs-0:1.0.2-3.el8ost.src",
"8Base-CFME-5.11:python-future-0:0.16.0-1.el8cf.src",
"8Base-CFME-5.11:python-lockfile-1:0.11.0-8.el8ar.src",
"8Base-CFME-5.11:python-mock-0:2.0.0-11.el8ost.src",
"8Base-CFME-5.11:python-pbr-0:5.1.2-2.el8ost.src",
"8Base-CFME-5.11:python-pexpect-0:4.6-2.el8ar.src",
"8Base-CFME-5.11:python-psutil-0:5.4.3-5.el8ar.src",
"8Base-CFME-5.11:python-psutil-debugsource-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python-pylxca-0:2.1.1-2.el8cf.src",
"8Base-CFME-5.11:python-requests-toolbelt-0:0.8.0-2.el8cf.src",
"8Base-CFME-5.11:python-tabulate-0:0.8.2-1.el8cf.src",
"8Base-CFME-5.11:python-vspk-0:5.3.2-2.el8cf.src",
"8Base-CFME-5.11:python3-ansible-runner-0:1.3.4-2.el8ar.noarch",
"8Base-CFME-5.11:python3-bambou-0:3.0.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-colorama-0:0.4.1-1.el8ost.noarch",
"8Base-CFME-5.11:python3-daemon-0:2.1.2-9.el8ar.noarch",
"8Base-CFME-5.11:python3-funcsigs-0:1.0.2-3.el8ost.noarch",
"8Base-CFME-5.11:python3-future-0:0.16.0-1.el8cf.noarch",
"8Base-CFME-5.11:python3-lockfile-1:0.11.0-8.el8ar.noarch",
"8Base-CFME-5.11:python3-mock-0:2.0.0-11.el8ost.noarch",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.src",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debuginfo-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-ovirt-engine-sdk4-debugsource-0:4.3.2-1.el8ev.x86_64",
"8Base-CFME-5.11:python3-pbr-0:5.1.2-2.el8ost.noarch",
"8Base-CFME-5.11:python3-pexpect-0:4.6-2.el8ar.noarch",
"8Base-CFME-5.11:python3-psutil-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-psutil-debuginfo-0:5.4.3-5.el8ar.x86_64",
"8Base-CFME-5.11:python3-pylxca-0:2.1.1-2.el8cf.noarch",
"8Base-CFME-5.11:python3-qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:python3-requests-toolbelt-0:0.8.0-2.el8cf.noarch",
"8Base-CFME-5.11:python3-tabulate-0:0.8.2-1.el8cf.noarch",
"8Base-CFME-5.11:python3-vspk-0:5.3.2-2.el8cf.noarch",
"8Base-CFME-5.11:qpid-proton-0:0.28.0-1.el8.src",
"8Base-CFME-5.11:qpid-proton-c-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-devel-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-c-docs-0:0.28.0-1.el8.noarch",
"8Base-CFME-5.11:qpid-proton-cpp-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debuginfo-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:qpid-proton-debugsource-0:0.28.0-1.el8.x86_64",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.src",
"8Base-CFME-5.11:repmgr10-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debuginfo-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:repmgr10-debugsource-0:4.0.6-3.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.src",
"8Base-CFME-5.11:rubygem-bcrypt-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debuginfo-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-debugsource-0:3.1.13-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-bcrypt-doc-0:3.1.13-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-byebug-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debuginfo-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-debugsource-0:11.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-byebug-doc-0:11.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-escape_utils-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debuginfo-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-debugsource-0:1.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-escape_utils-doc-0:1.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ffi-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debuginfo-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-debugsource-0:1.9.25-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ffi-doc-0:1.9.25-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.src",
"8Base-CFME-5.11:rubygem-hamlit-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debuginfo-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-debugsource-0:2.8.10-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-hamlit-doc-0:2.8.10-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-http_parser.rb-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debuginfo-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-debugsource-0:0.6.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-http_parser.rb-doc-0:0.6.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-linux_block_device-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debuginfo-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-debugsource-0:0.2.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-linux_block_device-doc-0:0.2.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.src",
"8Base-CFME-5.11:rubygem-memory_buffer-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debuginfo-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-debugsource-0:0.1.0-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-memory_buffer-doc-0:0.1.0-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nio4r-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debuginfo-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-debugsource-0:2.4.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nio4r-doc-0:2.4.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-nokogiri-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debuginfo-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-debugsource-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-nokogiri-doc-0:1.8.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debuginfo-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-debugsource-0:4.3.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-ovirt-engine-sdk4-doc-0:4.3.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-puma-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debuginfo-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-debugsource-0:3.7.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-puma-doc-0:3.7.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.src",
"8Base-CFME-5.11:rubygem-qpid_proton-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debuginfo-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-debugsource-0:0.26.0-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-qpid_proton-doc-0:0.26.0-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.src",
"8Base-CFME-5.11:rubygem-rugged-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debuginfo-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-debugsource-0:0.28.2-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-rugged-doc-0:0.28.2-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.src",
"8Base-CFME-5.11:rubygem-sassc-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debuginfo-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-debugsource-0:2.0.1-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sassc-doc-0:2.0.1-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.src",
"8Base-CFME-5.11:rubygem-sqlite3-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debuginfo-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-debugsource-0:1.3.13-2.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-sqlite3-doc-0:1.3.13-2.el8cf.noarch",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-surro-gate-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debuginfo-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-debugsource-0:1.0.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-surro-gate-doc-0:1.0.5-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.src",
"8Base-CFME-5.11:rubygem-unf_ext-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debuginfo-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-debugsource-0:0.0.7.6-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-unf_ext-doc-0:0.0.7.6-1.el8cf.noarch",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.src",
"8Base-CFME-5.11:rubygem-websocket-driver-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debuginfo-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-debugsource-0:0.6.5-1.el8cf.x86_64",
"8Base-CFME-5.11:rubygem-websocket-driver-doc-0:0.6.5-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.noarch",
"8Base-CFME-5.11:smem-0:1.4-1.el8cf.src",
"8Base-CFME-5.11:v2v-conversion-host-0:1.14.2-1.el8ev.src",
"8Base-CFME-5.11:v2v-conversion-host-ansible-0:1.14.2-1.el8ev.noarch",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.src",
"8Base-CFME-5.11:wmi-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debuginfo-0:1.3.14-8.el8cf.x86_64",
"8Base-CFME-5.11:wmi-debugsource-0:1.3.14-8.el8cf.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "qpid-proton: TLS Man in the Middle Vulnerability"
}
]
}
WID-SEC-W-2023-0851
Vulnerability from csaf_certbund
Published
2023-04-04 22:00
Modified
2023-04-04 22:00
Summary
IBM Maximo Asset Management: Mehrere Schwachstellen ermöglichen Cross-Site Scripting
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Maximo Asset Management ist ein Enterprise-Asset-Management-System, das umfassenden Support für Assets, Maintenance, Ressourcen und Supply-Chain-Management-Anforderungen bietet.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Maximo Asset Management ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen.
Betroffene Betriebssysteme
- Appliance
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Maximo Asset Management ist ein Enterprise-Asset-Management-System, das umfassenden Support f\u00fcr Assets, Maintenance, Ressourcen und Supply-Chain-Management-Anforderungen bietet.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Maximo Asset Management ausnutzen, um einen Cross-Site Scripting Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Appliance",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0851 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0851.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0851 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0851"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6980757 vom 2023-04-04",
"url": "https://www.ibm.com/support/pages/node/6980757"
}
],
"source_lang": "en-US",
"title": "IBM Maximo Asset Management: Mehrere Schwachstellen erm\u00f6glichen Cross-Site Scripting",
"tracking": {
"current_release_date": "2023-04-04T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:48:05.876+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-0851",
"initial_release_date": "2023-04-04T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-04-04T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM Maximo Asset Management \u003c 7.6.1.2",
"product": {
"name": "IBM Maximo Asset Management \u003c 7.6.1.2",
"product_id": "T027067",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:maximo_asset_management:7.6.1.2"
}
}
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-8331",
"notes": [
{
"category": "description",
"text": "In IBM Maximo Asset Management existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"release_date": "2023-04-04T22:00:00.000+00:00",
"title": "CVE-2019-8331"
},
{
"cve": "CVE-2018-20677",
"notes": [
{
"category": "description",
"text": "In IBM Maximo Asset Management existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"release_date": "2023-04-04T22:00:00.000+00:00",
"title": "CVE-2018-20677"
},
{
"cve": "CVE-2018-20676",
"notes": [
{
"category": "description",
"text": "In IBM Maximo Asset Management existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"release_date": "2023-04-04T22:00:00.000+00:00",
"title": "CVE-2018-20676"
},
{
"cve": "CVE-2018-14042",
"notes": [
{
"category": "description",
"text": "In IBM Maximo Asset Management existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"release_date": "2023-04-04T22:00:00.000+00:00",
"title": "CVE-2018-14042"
},
{
"cve": "CVE-2018-14040",
"notes": [
{
"category": "description",
"text": "In IBM Maximo Asset Management existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"release_date": "2023-04-04T22:00:00.000+00:00",
"title": "CVE-2018-14040"
},
{
"cve": "CVE-2016-10735",
"notes": [
{
"category": "description",
"text": "In IBM Maximo Asset Management existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"release_date": "2023-04-04T22:00:00.000+00:00",
"title": "CVE-2016-10735"
}
]
}
wid-sec-w-2023-0851
Vulnerability from csaf_certbund
Published
2023-04-04 22:00
Modified
2023-04-04 22:00
Summary
IBM Maximo Asset Management: Mehrere Schwachstellen ermöglichen Cross-Site Scripting
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Maximo Asset Management ist ein Enterprise-Asset-Management-System, das umfassenden Support für Assets, Maintenance, Ressourcen und Supply-Chain-Management-Anforderungen bietet.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Maximo Asset Management ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen.
Betroffene Betriebssysteme
- Appliance
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Maximo Asset Management ist ein Enterprise-Asset-Management-System, das umfassenden Support f\u00fcr Assets, Maintenance, Ressourcen und Supply-Chain-Management-Anforderungen bietet.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Maximo Asset Management ausnutzen, um einen Cross-Site Scripting Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Appliance",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0851 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0851.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0851 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0851"
},
{
"category": "external",
"summary": "IBM Security Bulletin: 6980757 vom 2023-04-04",
"url": "https://www.ibm.com/support/pages/node/6980757"
}
],
"source_lang": "en-US",
"title": "IBM Maximo Asset Management: Mehrere Schwachstellen erm\u00f6glichen Cross-Site Scripting",
"tracking": {
"current_release_date": "2023-04-04T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:48:05.876+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-0851",
"initial_release_date": "2023-04-04T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-04-04T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM Maximo Asset Management \u003c 7.6.1.2",
"product": {
"name": "IBM Maximo Asset Management \u003c 7.6.1.2",
"product_id": "T027067",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:maximo_asset_management:7.6.1.2"
}
}
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-8331",
"notes": [
{
"category": "description",
"text": "In IBM Maximo Asset Management existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"release_date": "2023-04-04T22:00:00.000+00:00",
"title": "CVE-2019-8331"
},
{
"cve": "CVE-2018-20677",
"notes": [
{
"category": "description",
"text": "In IBM Maximo Asset Management existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"release_date": "2023-04-04T22:00:00.000+00:00",
"title": "CVE-2018-20677"
},
{
"cve": "CVE-2018-20676",
"notes": [
{
"category": "description",
"text": "In IBM Maximo Asset Management existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"release_date": "2023-04-04T22:00:00.000+00:00",
"title": "CVE-2018-20676"
},
{
"cve": "CVE-2018-14042",
"notes": [
{
"category": "description",
"text": "In IBM Maximo Asset Management existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"release_date": "2023-04-04T22:00:00.000+00:00",
"title": "CVE-2018-14042"
},
{
"cve": "CVE-2018-14040",
"notes": [
{
"category": "description",
"text": "In IBM Maximo Asset Management existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"release_date": "2023-04-04T22:00:00.000+00:00",
"title": "CVE-2018-14040"
},
{
"cve": "CVE-2016-10735",
"notes": [
{
"category": "description",
"text": "In IBM Maximo Asset Management existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"release_date": "2023-04-04T22:00:00.000+00:00",
"title": "CVE-2016-10735"
}
]
}
WID-SEC-W-2023-0239
Vulnerability from csaf_certbund
Published
2023-01-31 23:00
Modified
2024-02-28 23:00
Summary
Red Hat JBoss Enterprise Application Platform: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
JBoss Enterprise Application Platform ist eine skalierbare Plattform für Java-Anwendungen, inklusive JBoss Application Server, JBoss Hibernate und Boss Seam.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat JBoss Enterprise Application Platform ausnutzen, um beliebigen Programmcode auszuführen, ein Cross-Site-Scritping-Angriff durchzuführen, Informationen offenzulegen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "JBoss Enterprise Application Platform ist eine skalierbare Plattform f\u00fcr Java-Anwendungen, inklusive JBoss Application Server, JBoss Hibernate und Boss Seam.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat JBoss Enterprise Application Platform ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0239 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0239.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0239 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0239"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0552 vom 2023-01-31",
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0553 vom 2023-01-31",
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0554 vom 2023-01-31",
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0556 vom 2023-01-31",
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0560 vom 2023-02-08",
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0713 vom 2023-02-09",
"url": "https://access.redhat.com/errata/RHSA-2023:0713"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1044 vom 2023-03-02",
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1043 vom 2023-03-02",
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1049 vom 2023-03-02",
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1047 vom 2023-03-02",
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1045 vom 2023-03-02",
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
},
{
"category": "external",
"summary": "F5 Security Advisory K48382137 vom 2023-04-21",
"url": "https://my.f5.com/manage/s/article/K48382137"
},
{
"category": "external",
"summary": "F5 Security Advisory K05380109 vom 2023-04-20",
"url": "https://my.f5.com/manage/s/article/K05380109"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3223 vom 2023-05-18",
"url": "https://access.redhat.com/errata/RHSA-2023:3223"
},
{
"category": "external",
"summary": "Hitachi Software Vulnerability Information hitachi-sec-2023-116 vom 2023-05-23",
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-116/index.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4983 vom 2023-09-05",
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
},
{
"category": "external",
"summary": "Hitachi Vulnerability Information HITACHI-SEC-2023-143 vom 2023-10-03",
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-143/index.html"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2023-409 vom 2023-12-23",
"url": "https://www.dell.com/support/kbdoc/000220669/dsa-2023-="
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:1027 vom 2024-02-28",
"url": "https://access.redhat.com/errata/RHSA-2024:1027"
}
],
"source_lang": "en-US",
"title": "Red Hat JBoss Enterprise Application Platform: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-02-28T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:42:48.458+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-0239",
"initial_release_date": "2023-01-31T23:00:00.000+00:00",
"revision_history": [
{
"date": "2023-01-31T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-02-08T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-02-09T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-03-01T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-04-20T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von F5 aufgenommen"
},
{
"date": "2023-05-18T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-05-22T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von HITACHI aufgenommen"
},
{
"date": "2023-09-05T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-10-03T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von HITACHI aufgenommen"
},
{
"date": "2023-12-26T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-02-28T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "11"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "F5 BIG-IP",
"product": {
"name": "F5 BIG-IP",
"product_id": "T001663",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:-"
}
}
}
],
"category": "vendor",
"name": "F5"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Hitachi Ops Center",
"product": {
"name": "Hitachi Ops Center",
"product_id": "T017562",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:ops_center:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c Common Services 10.9.3-00",
"product": {
"name": "Hitachi Ops Center \u003c Common Services 10.9.3-00",
"product_id": "T030195"
}
}
],
"category": "product_name",
"name": "Ops Center"
}
],
"category": "vendor",
"name": "Hitachi"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "Streams \u003c 2.4.0",
"product": {
"name": "Red Hat JBoss A-MQ Streams \u003c 2.4.0",
"product_id": "T027764"
}
}
],
"category": "product_name",
"name": "JBoss A-MQ"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 7.4.9",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform \u003c 7.4.9",
"product_id": "T026073"
}
}
],
"category": "product_name",
"name": "JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "container platform 4.0.51",
"product": {
"name": "Red Hat OpenShift container platform 4.0.51",
"product_id": "T026183",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform_4.0.51"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2015-9251"
},
{
"cve": "CVE-2016-10735",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2016-10735"
},
{
"cve": "CVE-2017-18214",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2017-18214"
},
{
"cve": "CVE-2018-14040",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2018-14040"
},
{
"cve": "CVE-2018-14041",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2018-14041"
},
{
"cve": "CVE-2018-14042",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2018-14042"
},
{
"cve": "CVE-2019-11358",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2019-11358"
},
{
"cve": "CVE-2019-8331",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2019-8331"
},
{
"cve": "CVE-2020-11022",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2020-11022"
},
{
"cve": "CVE-2020-11023",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2020-11023"
},
{
"cve": "CVE-2022-3143",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-3143"
},
{
"cve": "CVE-2022-40149",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-40149"
},
{
"cve": "CVE-2022-40150",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-40150"
},
{
"cve": "CVE-2022-40152",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-40152"
},
{
"cve": "CVE-2022-42003",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-42003"
},
{
"cve": "CVE-2022-42004",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-42004"
},
{
"cve": "CVE-2022-45047",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-45047"
},
{
"cve": "CVE-2022-45693",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-45693"
},
{
"cve": "CVE-2022-46364",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-46364"
}
]
}
wid-sec-w-2022-1947
Vulnerability from csaf_certbund
Published
2019-06-11 22:00
Modified
2023-10-15 22:00
Summary
Red Hat Single Sign On: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat Single Sign-On ist ein eigenständiger Server, basierend auf dem Keycloak Projekt.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Red Hat Single Sign On ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen, einen Denial of Service Zustand hervorzurufen, Informationen auszuspähen, Sicherheitsvorkehrungen zu umgehen oder beliebigen Programmcode auszuführen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat Single Sign-On ist ein eigenst\u00e4ndiger Server, basierend auf dem Keycloak Projekt.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Red Hat Single Sign On ausnutzen, um einen Cross-Site Scripting Angriff durchzuf\u00fchren, einen Denial of Service Zustand hervorzurufen, Informationen auszusp\u00e4hen, Sicherheitsvorkehrungen zu umgehen oder beliebigen Programmcode auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-1947 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2019/wid-sec-w-2022-1947.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-1947 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1947"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5693 vom 2023-10-16",
"url": "https://access.redhat.com/errata/RHSA-2023:5693"
},
{
"category": "external",
"summary": "Red Hat Security Advisory: RHSA-2019:1456 vom 2019-06-11",
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:2439 vom 2019-08-12",
"url": "https://access.redhat.com/errata/RHSA-2019:2439"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:0132 vom 2020-01-16",
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:0133 vom 2020-01-16",
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:2587 vom 2019-09-05",
"url": "https://access.redhat.com/errata/RHSA-2019:2587"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3023 vom 2019-10-10",
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3024 vom 2019-10-10",
"url": "https://access.redhat.com/errata/RHSA-2019:3024"
},
{
"category": "external",
"summary": "PoC Collection \"awesome-cve-poc\" vom 2019-11-05",
"url": "https://github.com/qazbnm456/awesome-cve-poc"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:1325 vom 2020-04-06",
"url": "https://access.redhat.com/errata/RHSA-2020:1325"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:2412 vom 2020-07-13",
"url": "https://access.redhat.com/errata/RHSA-2020:2412"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:3247 vom 2020-08-04",
"url": "https://access.redhat.com/errata/RHSA-2020:3247"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:3936 vom 2020-09-29",
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:4670 vom 2020-11-04",
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:4847 vom 2020-11-04",
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:5581 vom 2020-12-16",
"url": "https://access.redhat.com/errata/RHSA-2020:5581"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:5571 vom 2020-12-16",
"url": "https://access.redhat.com/errata/RHSA-2020:5571"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7343 vom 2022-11-02",
"url": "https://access.redhat.com/errata/RHSA-2022:7343"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8652 vom 2022-11-28",
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8848 vom 2022-12-08",
"url": "https://access.redhat.com/errata/RHSA-2022:8848"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8865 vom 2022-12-08",
"url": "https://access.redhat.com/errata/RHSA-2022:8865"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2023-1905 vom 2023-01-23",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-1905.html"
}
],
"source_lang": "en-US",
"title": "Red Hat Single Sign On: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-10-15T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:37:29.362+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-1947",
"initial_release_date": "2019-06-11T22:00:00.000+00:00",
"revision_history": [
{
"date": "2019-06-11T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2019-08-12T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-09-04T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-10-10T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-11-05T23:00:00.000+00:00",
"number": "5",
"summary": "Exploit aufgenommen"
},
{
"date": "2020-01-16T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-04-05T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-07-13T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-08-04T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-09-29T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-11-03T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-12-16T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-11-02T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-11-28T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-12-07T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-01-23T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-10-15T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "17"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_name",
"name": "Red Hat Single Sign On 7.3",
"product": {
"name": "Red Hat Single Sign On 7.3",
"product_id": "T014361",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:single_sign_on:7.3"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Web-Browser zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2016-10735"
},
{
"cve": "CVE-2018-14041",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Web-Browser zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2018-14041"
},
{
"cve": "CVE-2018-20676",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Web-Browser zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2018-20676"
},
{
"cve": "CVE-2018-20677",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Web-Browser zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2018-20677"
},
{
"cve": "CVE-2019-3872",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Web-Browser zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2019-3872"
},
{
"cve": "CVE-2019-3873",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Web-Browser zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2019-3873"
},
{
"cve": "CVE-2019-8331",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Web-Browser zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2019-8331"
},
{
"cve": "CVE-2019-3888",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existiert eine Schwachstelle. Die Schwachstelle existiert dadurch, dass der Undertow Web Server die Anmeldeinformation in Klartext in Log-Daten schreibt. Ein authentisierter Angreifer kann diese Schwachstelle ausnutzen, um diese Anmeldeinformationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2019-3888"
},
{
"cve": "CVE-2019-3875",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existiert eine Schwachstelle. Die Schwachstelle existiert aufgrund einer unzureichenden Sperrpr\u00fcfung bei der Validierung von X.509-Zertifikaten. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2019-3875"
},
{
"cve": "CVE-2019-10157",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existiert eine Schwachstelle. Die Schwachstelle existiert aufgrund einer fehlenden Validierung von Zertifikaten, in dessen Folge der Benutzer ausgeloggt wird und sich nicht mehr einloggen kann. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand zu erzeugen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2019-10157"
},
{
"cve": "CVE-2019-11358",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existiert eine Schwachstelle. Die Schwachstelle existiert in der Komponente jQuery, welche anf\u00e4llig f\u00fcr einen prototype-pollution-Angriff ist. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder beliebigen Programmcode auszuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2019-11358"
}
]
}
wid-sec-w-2023-1369
Vulnerability from csaf_certbund
Published
2023-06-05 22:00
Modified
2023-06-05 22:00
Summary
IBM Business Automation Workflow: Mehrere Schwachstellen ermöglichen Cross-Site Scripting
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM Business Automation Workflow ist eine Lösung zur Automatisierung von Arbeitsabläufen.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Business Automation Workflow ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM Business Automation Workflow ist eine L\u00f6sung zur Automatisierung von Arbeitsabl\u00e4ufen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Business Automation Workflow ausnutzen, um einen Cross-Site Scripting Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-1369 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1369.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-1369 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1369"
},
{
"category": "external",
"summary": "IBM Security Bulletin vom 2023-06-05",
"url": "https://www.ibm.com/support/pages/node/7001347"
}
],
"source_lang": "en-US",
"title": "IBM Business Automation Workflow: Mehrere Schwachstellen erm\u00f6glichen Cross-Site Scripting",
"tracking": {
"current_release_date": "2023-06-05T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:51:51.260+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-1369",
"initial_release_date": "2023-06-05T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-06-05T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM Business Automation Workflow Enterprise Service Bus 22.0.2",
"product": {
"name": "IBM Business Automation Workflow Enterprise Service Bus 22.0.2",
"product_id": "T027974",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:enterprise_service_bus_22.0.2"
}
}
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-8331",
"notes": [
{
"category": "description",
"text": "In IBM Business Automation Workflow existieren mehrere Cross-Site Scripting Schwachstellen in der Bootstrap Komponente. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T027974"
]
},
"release_date": "2023-06-05T22:00:00.000+00:00",
"title": "CVE-2019-8331"
},
{
"cve": "CVE-2018-20677",
"notes": [
{
"category": "description",
"text": "In IBM Business Automation Workflow existieren mehrere Cross-Site Scripting Schwachstellen in der Bootstrap Komponente. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T027974"
]
},
"release_date": "2023-06-05T22:00:00.000+00:00",
"title": "CVE-2018-20677"
},
{
"cve": "CVE-2018-20676",
"notes": [
{
"category": "description",
"text": "In IBM Business Automation Workflow existieren mehrere Cross-Site Scripting Schwachstellen in der Bootstrap Komponente. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T027974"
]
},
"release_date": "2023-06-05T22:00:00.000+00:00",
"title": "CVE-2018-20676"
},
{
"cve": "CVE-2018-14042",
"notes": [
{
"category": "description",
"text": "In IBM Business Automation Workflow existieren mehrere Cross-Site Scripting Schwachstellen in der Bootstrap Komponente. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T027974"
]
},
"release_date": "2023-06-05T22:00:00.000+00:00",
"title": "CVE-2018-14042"
},
{
"cve": "CVE-2018-14040",
"notes": [
{
"category": "description",
"text": "In IBM Business Automation Workflow existieren mehrere Cross-Site Scripting Schwachstellen in der Bootstrap Komponente. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T027974"
]
},
"release_date": "2023-06-05T22:00:00.000+00:00",
"title": "CVE-2018-14040"
},
{
"cve": "CVE-2016-10735",
"notes": [
{
"category": "description",
"text": "In IBM Business Automation Workflow existieren mehrere Cross-Site Scripting Schwachstellen in der Bootstrap Komponente. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T027974"
]
},
"release_date": "2023-06-05T22:00:00.000+00:00",
"title": "CVE-2016-10735"
}
]
}
WID-SEC-W-2023-1369
Vulnerability from csaf_certbund
Published
2023-06-05 22:00
Modified
2023-06-05 22:00
Summary
IBM Business Automation Workflow: Mehrere Schwachstellen ermöglichen Cross-Site Scripting
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM Business Automation Workflow ist eine Lösung zur Automatisierung von Arbeitsabläufen.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Business Automation Workflow ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM Business Automation Workflow ist eine L\u00f6sung zur Automatisierung von Arbeitsabl\u00e4ufen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Business Automation Workflow ausnutzen, um einen Cross-Site Scripting Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows\n- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-1369 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1369.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-1369 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1369"
},
{
"category": "external",
"summary": "IBM Security Bulletin vom 2023-06-05",
"url": "https://www.ibm.com/support/pages/node/7001347"
}
],
"source_lang": "en-US",
"title": "IBM Business Automation Workflow: Mehrere Schwachstellen erm\u00f6glichen Cross-Site Scripting",
"tracking": {
"current_release_date": "2023-06-05T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:51:51.260+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-1369",
"initial_release_date": "2023-06-05T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-06-05T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM Business Automation Workflow Enterprise Service Bus 22.0.2",
"product": {
"name": "IBM Business Automation Workflow Enterprise Service Bus 22.0.2",
"product_id": "T027974",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:enterprise_service_bus_22.0.2"
}
}
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-8331",
"notes": [
{
"category": "description",
"text": "In IBM Business Automation Workflow existieren mehrere Cross-Site Scripting Schwachstellen in der Bootstrap Komponente. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T027974"
]
},
"release_date": "2023-06-05T22:00:00.000+00:00",
"title": "CVE-2019-8331"
},
{
"cve": "CVE-2018-20677",
"notes": [
{
"category": "description",
"text": "In IBM Business Automation Workflow existieren mehrere Cross-Site Scripting Schwachstellen in der Bootstrap Komponente. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T027974"
]
},
"release_date": "2023-06-05T22:00:00.000+00:00",
"title": "CVE-2018-20677"
},
{
"cve": "CVE-2018-20676",
"notes": [
{
"category": "description",
"text": "In IBM Business Automation Workflow existieren mehrere Cross-Site Scripting Schwachstellen in der Bootstrap Komponente. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T027974"
]
},
"release_date": "2023-06-05T22:00:00.000+00:00",
"title": "CVE-2018-20676"
},
{
"cve": "CVE-2018-14042",
"notes": [
{
"category": "description",
"text": "In IBM Business Automation Workflow existieren mehrere Cross-Site Scripting Schwachstellen in der Bootstrap Komponente. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T027974"
]
},
"release_date": "2023-06-05T22:00:00.000+00:00",
"title": "CVE-2018-14042"
},
{
"cve": "CVE-2018-14040",
"notes": [
{
"category": "description",
"text": "In IBM Business Automation Workflow existieren mehrere Cross-Site Scripting Schwachstellen in der Bootstrap Komponente. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T027974"
]
},
"release_date": "2023-06-05T22:00:00.000+00:00",
"title": "CVE-2018-14040"
},
{
"cve": "CVE-2016-10735",
"notes": [
{
"category": "description",
"text": "In IBM Business Automation Workflow existieren mehrere Cross-Site Scripting Schwachstellen in der Bootstrap Komponente. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T027974"
]
},
"release_date": "2023-06-05T22:00:00.000+00:00",
"title": "CVE-2016-10735"
}
]
}
WID-SEC-W-2022-1947
Vulnerability from csaf_certbund
Published
2019-06-11 22:00
Modified
2023-10-15 22:00
Summary
Red Hat Single Sign On: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat Single Sign-On ist ein eigenständiger Server, basierend auf dem Keycloak Projekt.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Red Hat Single Sign On ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen, einen Denial of Service Zustand hervorzurufen, Informationen auszuspähen, Sicherheitsvorkehrungen zu umgehen oder beliebigen Programmcode auszuführen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat Single Sign-On ist ein eigenst\u00e4ndiger Server, basierend auf dem Keycloak Projekt.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Red Hat Single Sign On ausnutzen, um einen Cross-Site Scripting Angriff durchzuf\u00fchren, einen Denial of Service Zustand hervorzurufen, Informationen auszusp\u00e4hen, Sicherheitsvorkehrungen zu umgehen oder beliebigen Programmcode auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-1947 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2019/wid-sec-w-2022-1947.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-1947 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1947"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5693 vom 2023-10-16",
"url": "https://access.redhat.com/errata/RHSA-2023:5693"
},
{
"category": "external",
"summary": "Red Hat Security Advisory: RHSA-2019:1456 vom 2019-06-11",
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:2439 vom 2019-08-12",
"url": "https://access.redhat.com/errata/RHSA-2019:2439"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:0132 vom 2020-01-16",
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:0133 vom 2020-01-16",
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:2587 vom 2019-09-05",
"url": "https://access.redhat.com/errata/RHSA-2019:2587"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3023 vom 2019-10-10",
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:3024 vom 2019-10-10",
"url": "https://access.redhat.com/errata/RHSA-2019:3024"
},
{
"category": "external",
"summary": "PoC Collection \"awesome-cve-poc\" vom 2019-11-05",
"url": "https://github.com/qazbnm456/awesome-cve-poc"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:1325 vom 2020-04-06",
"url": "https://access.redhat.com/errata/RHSA-2020:1325"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:2412 vom 2020-07-13",
"url": "https://access.redhat.com/errata/RHSA-2020:2412"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:3247 vom 2020-08-04",
"url": "https://access.redhat.com/errata/RHSA-2020:3247"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:3936 vom 2020-09-29",
"url": "https://access.redhat.com/errata/RHSA-2020:3936"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:4670 vom 2020-11-04",
"url": "https://access.redhat.com/errata/RHSA-2020:4670"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:4847 vom 2020-11-04",
"url": "https://access.redhat.com/errata/RHSA-2020:4847"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:5581 vom 2020-12-16",
"url": "https://access.redhat.com/errata/RHSA-2020:5581"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:5571 vom 2020-12-16",
"url": "https://access.redhat.com/errata/RHSA-2020:5571"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7343 vom 2022-11-02",
"url": "https://access.redhat.com/errata/RHSA-2022:7343"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8652 vom 2022-11-28",
"url": "https://access.redhat.com/errata/RHSA-2022:8652"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8848 vom 2022-12-08",
"url": "https://access.redhat.com/errata/RHSA-2022:8848"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8865 vom 2022-12-08",
"url": "https://access.redhat.com/errata/RHSA-2022:8865"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2023-1905 vom 2023-01-23",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-1905.html"
}
],
"source_lang": "en-US",
"title": "Red Hat Single Sign On: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-10-15T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:37:29.362+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-1947",
"initial_release_date": "2019-06-11T22:00:00.000+00:00",
"revision_history": [
{
"date": "2019-06-11T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2019-08-12T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-09-04T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-10-10T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-11-05T23:00:00.000+00:00",
"number": "5",
"summary": "Exploit aufgenommen"
},
{
"date": "2020-01-16T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-04-05T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-07-13T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-08-04T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-09-29T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-11-03T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-12-16T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-11-02T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-11-28T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-12-07T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-01-23T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-10-15T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "17"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_name",
"name": "Red Hat Single Sign On 7.3",
"product": {
"name": "Red Hat Single Sign On 7.3",
"product_id": "T014361",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:single_sign_on:7.3"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Web-Browser zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2016-10735"
},
{
"cve": "CVE-2018-14041",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Web-Browser zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2018-14041"
},
{
"cve": "CVE-2018-20676",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Web-Browser zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2018-20676"
},
{
"cve": "CVE-2018-20677",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Web-Browser zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2018-20677"
},
{
"cve": "CVE-2019-3872",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Web-Browser zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2019-3872"
},
{
"cve": "CVE-2019-3873",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Web-Browser zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2019-3873"
},
{
"cve": "CVE-2019-8331",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden in nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Zur erfolgreichen Ausnutzung dieser Schwachstellen muss der Angreifer den Benutzer dazu bringen eine modifizierte URL oder Webseite in seinem Web-Browser zu \u00f6ffnen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2019-8331"
},
{
"cve": "CVE-2019-3888",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existiert eine Schwachstelle. Die Schwachstelle existiert dadurch, dass der Undertow Web Server die Anmeldeinformation in Klartext in Log-Daten schreibt. Ein authentisierter Angreifer kann diese Schwachstelle ausnutzen, um diese Anmeldeinformationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2019-3888"
},
{
"cve": "CVE-2019-3875",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existiert eine Schwachstelle. Die Schwachstelle existiert aufgrund einer unzureichenden Sperrpr\u00fcfung bei der Validierung von X.509-Zertifikaten. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2019-3875"
},
{
"cve": "CVE-2019-10157",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existiert eine Schwachstelle. Die Schwachstelle existiert aufgrund einer fehlenden Validierung von Zertifikaten, in dessen Folge der Benutzer ausgeloggt wird und sich nicht mehr einloggen kann. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand zu erzeugen."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2019-10157"
},
{
"cve": "CVE-2019-11358",
"notes": [
{
"category": "description",
"text": "In Red Hat Single Sign On existiert eine Schwachstelle. Die Schwachstelle existiert in der Komponente jQuery, welche anf\u00e4llig f\u00fcr einen prototype-pollution-Angriff ist. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder beliebigen Programmcode auszuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T014361",
"67646",
"398363"
]
},
"release_date": "2019-06-11T22:00:00.000+00:00",
"title": "CVE-2019-11358"
}
]
}
wid-sec-w-2023-0239
Vulnerability from csaf_certbund
Published
2023-01-31 23:00
Modified
2024-02-28 23:00
Summary
Red Hat JBoss Enterprise Application Platform: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
JBoss Enterprise Application Platform ist eine skalierbare Plattform für Java-Anwendungen, inklusive JBoss Application Server, JBoss Hibernate und Boss Seam.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat JBoss Enterprise Application Platform ausnutzen, um beliebigen Programmcode auszuführen, ein Cross-Site-Scritping-Angriff durchzuführen, Informationen offenzulegen, einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "JBoss Enterprise Application Platform ist eine skalierbare Plattform f\u00fcr Java-Anwendungen, inklusive JBoss Application Server, JBoss Hibernate und Boss Seam.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat JBoss Enterprise Application Platform ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0239 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0239.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0239 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0239"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0552 vom 2023-01-31",
"url": "https://access.redhat.com/errata/RHSA-2023:0552"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0553 vom 2023-01-31",
"url": "https://access.redhat.com/errata/RHSA-2023:0553"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0554 vom 2023-01-31",
"url": "https://access.redhat.com/errata/RHSA-2023:0554"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0556 vom 2023-01-31",
"url": "https://access.redhat.com/errata/RHSA-2023:0556"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0560 vom 2023-02-08",
"url": "https://access.redhat.com/errata/RHSA-2023:0560"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0713 vom 2023-02-09",
"url": "https://access.redhat.com/errata/RHSA-2023:0713"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1044 vom 2023-03-02",
"url": "https://access.redhat.com/errata/RHSA-2023:1044"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1043 vom 2023-03-02",
"url": "https://access.redhat.com/errata/RHSA-2023:1043"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1049 vom 2023-03-02",
"url": "https://access.redhat.com/errata/RHSA-2023:1049"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1047 vom 2023-03-02",
"url": "https://access.redhat.com/errata/RHSA-2023:1047"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1045 vom 2023-03-02",
"url": "https://access.redhat.com/errata/RHSA-2023:1045"
},
{
"category": "external",
"summary": "F5 Security Advisory K48382137 vom 2023-04-21",
"url": "https://my.f5.com/manage/s/article/K48382137"
},
{
"category": "external",
"summary": "F5 Security Advisory K05380109 vom 2023-04-20",
"url": "https://my.f5.com/manage/s/article/K05380109"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3223 vom 2023-05-18",
"url": "https://access.redhat.com/errata/RHSA-2023:3223"
},
{
"category": "external",
"summary": "Hitachi Software Vulnerability Information hitachi-sec-2023-116 vom 2023-05-23",
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-116/index.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:4983 vom 2023-09-05",
"url": "https://access.redhat.com/errata/RHSA-2023:4983"
},
{
"category": "external",
"summary": "Hitachi Vulnerability Information HITACHI-SEC-2023-143 vom 2023-10-03",
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-143/index.html"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2023-409 vom 2023-12-23",
"url": "https://www.dell.com/support/kbdoc/000220669/dsa-2023-="
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:1027 vom 2024-02-28",
"url": "https://access.redhat.com/errata/RHSA-2024:1027"
}
],
"source_lang": "en-US",
"title": "Red Hat JBoss Enterprise Application Platform: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-02-28T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:42:48.458+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-0239",
"initial_release_date": "2023-01-31T23:00:00.000+00:00",
"revision_history": [
{
"date": "2023-01-31T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-02-08T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-02-09T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-03-01T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-04-20T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von F5 aufgenommen"
},
{
"date": "2023-05-18T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-05-22T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von HITACHI aufgenommen"
},
{
"date": "2023-09-05T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-10-03T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von HITACHI aufgenommen"
},
{
"date": "2023-12-26T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2024-02-28T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "11"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "F5 BIG-IP",
"product": {
"name": "F5 BIG-IP",
"product_id": "T001663",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:-"
}
}
}
],
"category": "vendor",
"name": "F5"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Hitachi Ops Center",
"product": {
"name": "Hitachi Ops Center",
"product_id": "T017562",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:ops_center:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c Common Services 10.9.3-00",
"product": {
"name": "Hitachi Ops Center \u003c Common Services 10.9.3-00",
"product_id": "T030195"
}
}
],
"category": "product_name",
"name": "Ops Center"
}
],
"category": "vendor",
"name": "Hitachi"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "Streams \u003c 2.4.0",
"product": {
"name": "Red Hat JBoss A-MQ Streams \u003c 2.4.0",
"product_id": "T027764"
}
}
],
"category": "product_name",
"name": "JBoss A-MQ"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 7.4.9",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform \u003c 7.4.9",
"product_id": "T026073"
}
}
],
"category": "product_name",
"name": "JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "container platform 4.0.51",
"product": {
"name": "Red Hat OpenShift container platform 4.0.51",
"product_id": "T026183",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform_4.0.51"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9251",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2015-9251"
},
{
"cve": "CVE-2016-10735",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2016-10735"
},
{
"cve": "CVE-2017-18214",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2017-18214"
},
{
"cve": "CVE-2018-14040",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2018-14040"
},
{
"cve": "CVE-2018-14041",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2018-14041"
},
{
"cve": "CVE-2018-14042",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2018-14042"
},
{
"cve": "CVE-2019-11358",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2019-11358"
},
{
"cve": "CVE-2019-8331",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2019-8331"
},
{
"cve": "CVE-2020-11022",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2020-11022"
},
{
"cve": "CVE-2020-11023",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2020-11023"
},
{
"cve": "CVE-2022-3143",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-3143"
},
{
"cve": "CVE-2022-40149",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-40149"
},
{
"cve": "CVE-2022-40150",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-40150"
},
{
"cve": "CVE-2022-40152",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-40152"
},
{
"cve": "CVE-2022-42003",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-42003"
},
{
"cve": "CVE-2022-42004",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-42004"
},
{
"cve": "CVE-2022-45047",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-45047"
},
{
"cve": "CVE-2022-45693",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-45693"
},
{
"cve": "CVE-2022-46364",
"notes": [
{
"category": "description",
"text": "In Red Hat JBoss Enterprise Application Platform existieren mehrere Schwachstellen. Diese bestehen aufgrund von Fehlern in verschiedenen Komponenten. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, ein Cross-Site-Scritping-Angriff durchzuf\u00fchren, Informationen offenzulegen, einen Denial of Service Zustand herbeizuf\u00fchren oder Sicherheitsvorkehrungen zu umgehen."
}
],
"product_status": {
"known_affected": [
"T026183",
"67646",
"T001663",
"T027764",
"T030195",
"T017562"
]
},
"release_date": "2023-01-31T23:00:00.000+00:00",
"title": "CVE-2022-46364"
}
]
}
CERTFR-2024-AVI-1030
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans IBM QRadar. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "QRadar User Behavior Analytics versions 1.x \u00e0 4.1.x ant\u00e9rieures \u00e0 4.1.17",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-37891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2024-47831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47831"
},
{
"name": "CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"name": "CVE-2024-34069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34069"
},
{
"name": "CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"name": "CVE-2024-1135",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1135"
},
{
"name": "CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"name": "CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"name": "CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"name": "CVE-2024-47875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47875"
},
{
"name": "CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"name": "CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"name": "CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"name": "CVE-2024-34064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34064"
},
{
"name": "CVE-2024-39689",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39689"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
}
],
"initial_release_date": "2024-11-29T00:00:00",
"last_revision_date": "2024-11-29T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-1030",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-11-29T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM QRadar. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM QRadar",
"vendor_advisories": [
{
"published_at": "2024-11-20",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176642",
"url": "https://www.ibm.com/support/pages/node/7176642"
}
]
}
CERTFR-2023-AVI-0513
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité, un déni de service, une injection de code indirecte à distance (XSS), une élévation de privilèges, un problème de sécurité non spécifié par l'éditeur, une atteinte à l'intégrité des données, une atteinte à la confidentialité des données et une exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling Connect:Direct | IBM Sterling Connect:Direct File Agent versions 1.4.x antérieures à 1.4.0.2_iFix042 | ||
| IBM | Sterling Connect:Direct | BM Sterling Connect:Direct Web Services versions 6.2.x antérieures à 6.2.0.17 | ||
| IBM | Sterling Connect:Direct | IBM Sterling Connect:Direct pour Microsoft Windows versions 6.2.x antérieures à 6.2.0.4_iFix039 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM version 7.5.x antérieures à 7.5.0 UP6 | ||
| IBM | Sterling Connect:Direct | IBM Sterling Connect:Direct pour Microsoft Windows versions 6.1.x antérieures à 6.1.0.2_iFix064 | ||
| IBM | Sterling Connect:Direct | IBM Sterling Connect:Direct pour Microsoft Windows versions 6.0.x antérieures à 6.0.0.4_iFix068 | ||
| IBM | N/A | IBM Connect:Direct Web Services versions 6.1.x antérieures à 6.1.0.19 | ||
| IBM | Sterling Connect:Direct | IBM Sterling Connect:Direct pour Microsoft Windows versions 6.3.x antérieures à 6.3.0.0_iFix007 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Sterling Connect:Direct File Agent versions 1.4.x ant\u00e9rieures \u00e0 1.4.0.2_iFix042",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "BM Sterling Connect:Direct Web Services versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.17",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Connect:Direct pour Microsoft Windows versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.4_iFix039",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM version 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP6",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Connect:Direct pour Microsoft Windows versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.2_iFix064",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Connect:Direct pour Microsoft Windows versions 6.0.x ant\u00e9rieures \u00e0 6.0.0.4_iFix068",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Connect:Direct Web Services versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.19",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Connect:Direct pour Microsoft Windows versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.0_iFix007",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2021-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
},
{
"name": "CVE-2023-28708",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28708"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2021-23336",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23336"
},
{
"name": "CVE-2023-1436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1436"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2022-23521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23521"
},
{
"name": "CVE-2022-42703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42703"
},
{
"name": "CVE-2023-20861",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20861"
},
{
"name": "CVE-2022-41903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41903"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2020-26116",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26116"
},
{
"name": "CVE-2022-43750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43750"
},
{
"name": "CVE-2018-20060",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20060"
},
{
"name": "CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"name": "CVE-2021-43138",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43138"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2015-0254",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0254"
},
{
"name": "CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"name": "CVE-2022-45693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45693"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2019-9740",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9740"
},
{
"name": "CVE-2022-4378",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4378"
},
{
"name": "CVE-2022-40151",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40151"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2023-2597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2597"
},
{
"name": "CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"name": "CVE-2023-25194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25194"
},
{
"name": "CVE-2022-38023",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38023"
},
{
"name": "CVE-2023-20863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20863"
},
{
"name": "CVE-2019-18348",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18348"
},
{
"name": "CVE-2022-45685",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45685"
},
{
"name": "CVE-2023-20859",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20859"
},
{
"name": "CVE-2022-34917",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34917"
},
{
"name": "CVE-2023-20860",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20860"
},
{
"name": "CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2021-28861",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28861"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"name": "CVE-2015-20107",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-20107"
},
{
"name": "CVE-2023-1999",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1999"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
}
],
"initial_release_date": "2023-07-07T00:00:00",
"last_revision_date": "2023-07-07T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0513",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-07-07T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits \u003cspan\nclass=\"textit\"\u003eIBM\u003c/span\u003e. Elles permettent \u00e0 un attaquant de provoquer\nun contournement de la politique de s\u00e9curit\u00e9, un d\u00e9ni de service, une\ninjection de code indirecte \u00e0 distance (XSS), une \u00e9l\u00e9vation de\nprivil\u00e8ges, un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une\natteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es, une atteinte \u00e0 la confidentialit\u00e9\ndes donn\u00e9es et une ex\u00e9cution de code arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7010099 du 06 juillet 2023",
"url": "https://www.ibm.com/support/pages/node/7010099"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7009987 du 06 juillet 2023",
"url": "https://www.ibm.com/support/pages/node/7009987"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7009301 du 07 juillet 2023",
"url": "https://www.ibm.com/support/pages/node/7009301"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7010095 du 06 juillet 2023",
"url": "https://www.ibm.com/support/pages/node/7010095"
}
]
}
CERTFR-2024-AVI-1103
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Cognos Analytics | Cognos Analytics versions 12.0.x antérieures à 12.0.4 | ||
| IBM | Sterling | Sterling External Authentication Server versions 6.1.0.x antérieures à 6.1.0.2 ifix 01 | ||
| IBM | QRadar SIEM | Security QRadar Log Management AQL Plugin versions antérieures à 1.1.0 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.0.x antérieures à 6.0.3.1 (fixpack) GA | ||
| IBM | Cognos Analytics | Cognos Analytics versions 11.2.x antérieures à 11.2.4 FP5 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.1.x antérieures à 6.1.0.1 (fixpack) GA | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.2.x antérieures à 6.2.0.0 ifix 01 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.3.x antérieures à 6.3.0.11_ifix001 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cognos Analytics versions 12.0.x ant\u00e9rieures \u00e0 12.0.4",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling External Authentication Server versions 6.1.0.x ant\u00e9rieures \u00e0 6.1.0.2 ifix 01",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": " Security QRadar Log Management AQL Plugin versions ant\u00e9rieures \u00e0 1.1.0",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.0.x ant\u00e9rieures \u00e0 6.0.3.1 (fixpack) GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.4 FP5",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.1 (fixpack) GA",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.0 ifix 01",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.11_ifix001",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2010-1205",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1205"
},
{
"name": "CVE-2014-1544",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1544"
},
{
"name": "CVE-2014-1568",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1568"
},
{
"name": "CVE-2015-7182",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7182"
},
{
"name": "CVE-2015-7181",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7181"
},
{
"name": "CVE-2015-7575",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7575"
},
{
"name": "CVE-2016-1938",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1938"
},
{
"name": "CVE-2017-5461",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5461"
},
{
"name": "CVE-2018-12384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12384"
},
{
"name": "CVE-2019-7317",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7317"
},
{
"name": "CVE-2019-11729",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11729"
},
{
"name": "CVE-2019-11727",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11727"
},
{
"name": "CVE-2019-11719",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11719"
},
{
"name": "CVE-2018-12404",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12404"
},
{
"name": "CVE-2019-11756",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11756"
},
{
"name": "CVE-2019-11745",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11745"
},
{
"name": "CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"name": "CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"name": "CVE-2019-17023",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17023"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"name": "CVE-2020-12400",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12400"
},
{
"name": "CVE-2020-12401",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12401"
},
{
"name": "CVE-2020-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6829"
},
{
"name": "CVE-2019-17006",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17006"
},
{
"name": "CVE-2018-18508",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18508"
},
{
"name": "CVE-2019-17007",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17007"
},
{
"name": "CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"name": "CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"name": "CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"name": "CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"name": "CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"name": "CVE-2017-12652",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12652"
},
{
"name": "CVE-2020-25648",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25648"
},
{
"name": "CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"name": "CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"name": "CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"name": "CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"name": "CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
},
{
"name": "CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"name": "CVE-2022-23852",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23852"
},
{
"name": "CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"name": "CVE-2020-12403",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12403"
},
{
"name": "CVE-2021-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38153"
},
{
"name": "CVE-2021-43138",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43138"
},
{
"name": "CVE-2022-34749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34749"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-31130",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31130"
},
{
"name": "CVE-2023-32067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32067"
},
{
"name": "CVE-2023-25194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25194"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-32681",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
},
{
"name": "CVE-2023-38325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38325"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-30774",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30774"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2020-19189",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19189"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2022-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21699"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2023-30086",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30086"
},
{
"name": "CVE-2023-26965",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26965"
},
{
"name": "CVE-2023-3316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3316"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-48554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48554"
},
{
"name": "CVE-2020-23064",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-23064"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2024-22195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22195"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2024-29133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29133"
},
{
"name": "CVE-2024-29131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29131"
},
{
"name": "CVE-2024-28849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28849"
},
{
"name": "CVE-2024-22201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22201"
},
{
"name": "CVE-2024-25629",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25629"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2024-4367",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4367"
},
{
"name": "CVE-2024-27983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27983"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2024-23944",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23944"
},
{
"name": "CVE-2023-38264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38264"
},
{
"name": "CVE-2024-29025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
},
{
"name": "CVE-2024-34102",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34102"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2024-29041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29041"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2021-36770",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36770"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2024-28176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28176"
},
{
"name": "CVE-2024-28863",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28863"
},
{
"name": "CVE-2024-4067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2024-27982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27982"
},
{
"name": "CVE-2023-52356",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52356"
},
{
"name": "CVE-2023-6228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
},
{
"name": "CVE-2023-6277",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6277"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2024-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37890"
},
{
"name": "CVE-2024-39008",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39008"
},
{
"name": "CVE-2023-3164",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3164"
},
{
"name": "CVE-2024-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22018"
},
{
"name": "CVE-2024-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22020"
},
{
"name": "CVE-2024-27980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27980"
},
{
"name": "CVE-2024-36137",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36137"
},
{
"name": "CVE-2024-36138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36138"
},
{
"name": "CVE-2024-37372",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37372"
},
{
"name": "CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2024-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22871"
},
{
"name": "CVE-2018-15209",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15209"
},
{
"name": "CVE-2023-37536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37536"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"name": "CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"name": "CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"name": "CVE-2024-36114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36114"
},
{
"name": "CVE-2024-25638",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25638"
},
{
"name": "CVE-2024-51504",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51504"
},
{
"name": "CVE-2024-7006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7006"
},
{
"name": "CVE-2013-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2099"
},
{
"name": "CVE-2014-1569",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1569"
},
{
"name": "CVE-2017-11613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11613"
},
{
"name": "CVE-2017-11695",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11695"
},
{
"name": "CVE-2017-11696",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11696"
},
{
"name": "CVE-2017-11697",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11697"
},
{
"name": "CVE-2017-11698",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11698"
},
{
"name": "CVE-2017-12627",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12627"
},
{
"name": "CVE-2017-18013",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18013"
},
{
"name": "CVE-2017-18869",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18869"
},
{
"name": "CVE-2017-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9937"
},
{
"name": "CVE-2018-16335",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16335"
},
{
"name": "CVE-2018-17000",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17000"
},
{
"name": "CVE-2018-17100",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17100"
},
{
"name": "CVE-2018-17101",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17101"
},
{
"name": "CVE-2018-19210",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19210"
},
{
"name": "CVE-2018-5784",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5784"
},
{
"name": "CVE-2018-7456",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7456"
},
{
"name": "CVE-2019-10255",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10255"
},
{
"name": "CVE-2019-14973",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14973"
},
{
"name": "CVE-2019-17546",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17546"
},
{
"name": "CVE-2019-6128",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6128"
},
{
"name": "CVE-2020-15110",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15110"
},
{
"name": "CVE-2020-18768",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18768"
},
{
"name": "CVE-2020-19131",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19131"
},
{
"name": "CVE-2020-19144",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19144"
},
{
"name": "CVE-2020-26261",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26261"
},
{
"name": "CVE-2020-35521",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35521"
},
{
"name": "CVE-2020-35522",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35522"
},
{
"name": "CVE-2020-35523",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35523"
},
{
"name": "CVE-2020-35524",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35524"
},
{
"name": "CVE-2020-36191",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36191"
},
{
"name": "CVE-2021-32862",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32862"
},
{
"name": "CVE-2022-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0561"
},
{
"name": "CVE-2022-0562",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0562"
},
{
"name": "CVE-2022-0891",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0891"
},
{
"name": "CVE-2022-0908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0908"
},
{
"name": "CVE-2022-2056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2056"
},
{
"name": "CVE-2022-2057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2057"
},
{
"name": "CVE-2022-2058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2058"
},
{
"name": "CVE-2022-22844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22844"
},
{
"name": "CVE-2022-2867",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2867"
},
{
"name": "CVE-2022-2868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2868"
},
{
"name": "CVE-2022-2869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2869"
},
{
"name": "CVE-2022-34266",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34266"
},
{
"name": "CVE-2022-34526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34526"
},
{
"name": "CVE-2022-3479",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3479"
},
{
"name": "CVE-2022-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3570"
},
{
"name": "CVE-2022-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3597"
},
{
"name": "CVE-2022-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3598"
},
{
"name": "CVE-2022-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3599"
},
{
"name": "CVE-2022-3626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3626"
},
{
"name": "CVE-2022-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3627"
},
{
"name": "CVE-2022-40090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40090"
},
{
"name": "CVE-2022-4645",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4645"
},
{
"name": "CVE-2023-0795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0795"
},
{
"name": "CVE-2023-0796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0796"
},
{
"name": "CVE-2023-0797",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0797"
},
{
"name": "CVE-2023-0798",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0798"
},
{
"name": "CVE-2023-0799",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0799"
},
{
"name": "CVE-2023-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0800"
},
{
"name": "CVE-2023-0801",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0801"
},
{
"name": "CVE-2023-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0802"
},
{
"name": "CVE-2023-0803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0803"
},
{
"name": "CVE-2023-0804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0804"
},
{
"name": "CVE-2023-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1916"
},
{
"name": "CVE-2023-24816",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24816"
},
{
"name": "CVE-2023-25434",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25434"
},
{
"name": "CVE-2023-25435",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25435"
},
{
"name": "CVE-2023-2731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2731"
},
{
"name": "CVE-2023-2908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2908"
},
{
"name": "CVE-2023-30775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30775"
},
{
"name": "CVE-2023-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3576"
},
{
"name": "CVE-2023-38288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38288"
},
{
"name": "CVE-2023-38289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38289"
},
{
"name": "CVE-2023-40745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40745"
},
{
"name": "CVE-2023-41175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41175"
},
{
"name": "CVE-2023-41334",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41334"
},
{
"name": "CVE-2023-4421",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4421"
},
{
"name": "CVE-2023-4759",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4759"
},
{
"name": "CVE-2023-50291",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50291"
},
{
"name": "CVE-2023-50292",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50292"
},
{
"name": "CVE-2023-50298",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50298"
},
{
"name": "CVE-2023-50386",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50386"
},
{
"name": "CVE-2023-50447",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50447"
},
{
"name": "CVE-2024-25016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25016"
},
{
"name": "CVE-2024-29896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29896"
},
{
"name": "CVE-2024-33883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33883"
},
{
"name": "CVE-2024-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38337"
},
{
"name": "CVE-2024-41752",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41752"
},
{
"name": "CVE-2024-45082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45082"
}
],
"initial_release_date": "2024-12-20T00:00:00",
"last_revision_date": "2024-12-20T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-1103",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-12-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2024-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7177142",
"url": "https://www.ibm.com/support/pages/node/7177142"
},
{
"published_at": "2024-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7177223",
"url": "https://www.ibm.com/support/pages/node/7177223"
},
{
"published_at": "2024-12-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7179044",
"url": "https://www.ibm.com/support/pages/node/7179044"
},
{
"published_at": "2024-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7179156",
"url": "https://www.ibm.com/support/pages/node/7179156"
},
{
"published_at": "2024-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7179166",
"url": "https://www.ibm.com/support/pages/node/7179166"
},
{
"published_at": "2024-12-13",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7178835",
"url": "https://www.ibm.com/support/pages/node/7178835"
}
]
}
CERTFR-2021-AVI-571
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans Tenable. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une injection de code indirecte à distance (XSS).
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneReferences
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tenable.sc versions ant\u00e9rieures \u00e0 5.19.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"name": "CVE-2020-7060",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7060"
},
{
"name": "CVE-2019-11048",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11048"
},
{
"name": "CVE-2020-13434",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13434"
},
{
"name": "CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"name": "CVE-2020-13632",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13632"
},
{
"name": "CVE-2019-11041",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11041"
},
{
"name": "CVE-2020-7071",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7071"
},
{
"name": "CVE-2019-11045",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11045"
},
{
"name": "CVE-2021-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21704"
},
{
"name": "CVE-2020-7070",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7070"
},
{
"name": "CVE-2020-7069",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7069"
},
{
"name": "CVE-2019-11046",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11046"
},
{
"name": "CVE-2020-7063",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7063"
},
{
"name": "CVE-2020-13630",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13630"
},
{
"name": "CVE-2019-19646",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19646"
},
{
"name": "CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"name": "CVE-2021-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21705"
},
{
"name": "CVE-2019-19919",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19919"
},
{
"name": "CVE-2021-23358",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23358"
},
{
"name": "CVE-2020-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11656"
},
{
"name": "CVE-2020-7068",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7068"
},
{
"name": "CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"name": "CVE-2019-11044",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11044"
},
{
"name": "CVE-2020-7064",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7064"
},
{
"name": "CVE-2020-15358",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
},
{
"name": "CVE-2017-5661",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5661"
},
{
"name": "CVE-2019-11047",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11047"
},
{
"name": "CVE-2020-7067",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7067"
},
{
"name": "CVE-2020-7062",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7062"
},
{
"name": "CVE-2020-13631",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13631"
},
{
"name": "CVE-2019-11043",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11043"
},
{
"name": "CVE-2020-7065",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7065"
},
{
"name": "CVE-2019-11050",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11050"
},
{
"name": "CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"name": "CVE-2020-7066",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7066"
},
{
"name": "CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"name": "CVE-2019-19645",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19645"
},
{
"name": "CVE-2020-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11655"
},
{
"name": "CVE-2019-16168",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16168"
},
{
"name": "CVE-2020-7061",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7061"
},
{
"name": "CVE-2020-7059",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7059"
},
{
"name": "CVE-2019-11042",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11042"
},
{
"name": "CVE-2019-11049",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11049"
},
{
"name": "CVE-2021-21702",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21702"
},
{
"name": "CVE-2020-13435",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13435"
},
{
"name": "CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
}
],
"initial_release_date": "2021-07-23T00:00:00",
"last_revision_date": "2021-07-23T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-571",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-07-23T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable. Elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\ninjection de code indirecte \u00e0 distance (XSS).\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Tenable",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable tns-2021-14 du 22 juillet 2021",
"url": "https://www.tenable.com/security/tns-2021-14"
}
]
}
CERTFR-2024-AVI-1015
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Les vulnérabilités CVE-2024-47875 et CVE-2024-45801 n'ont pas de correctif pour Sterling Connect:Direct Web Services versions 6.1.x et 6.2.x
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar | QRadar Pre-Validation App versions antérieures à 2.0.1 | ||
| IBM | QRadar | QRadar Pulse App versions antérieures à 2.2.15 | ||
| IBM | WebSphere | WebSphere Hybrid Edition sans le correctif APAR PH63533 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.2.x antérieures à 6.2.0.25 | ||
| IBM | AIX | AIX version 7.3 sans le correctif bind_fix27/73bind918.tar | ||
| IBM | VIOS | VIOS version 3.1 sans le correctif bind_fix27/72bind918.tar | ||
| IBM | WebSphere | WebSphere Application Server Liberty sans le correctif APAR PH63533 | ||
| IBM | Cloud Pak System | Cloud Pak System versions antérieures à 2.3.5.0 pour Power avec le correctif PH60195/PH61002 | ||
| IBM | AIX | AIX version 7.2 sans le correctif bind_fix27/72bind918.tar | ||
| IBM | VIOS | VIOS version 4.1 sans le correctif bind_fix27/73bind918.tar | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.1.x antérieures à 6.1.0.26 | ||
| IBM | Cloud Pak System | Cloud Pak System versions antérieures à 2.3.4.1 pour Intel avec le correctif PH60195/PH61002 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.3.x antérieures à 6.3.0.11 | ||
| IBM | QRadar | QRadar User Behavior Analytics versions antérieures à 4.1.17 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "QRadar Pre-Validation App versions ant\u00e9rieures \u00e0 2.0.1",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Pulse App versions ant\u00e9rieures \u00e0 2.2.15",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Hybrid Edition sans le correctif APAR PH63533",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.25",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "AIX version 7.3 sans le correctif bind_fix27/73bind918.tar",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "VIOS version 3.1 sans le correctif bind_fix27/72bind918.tar",
"product": {
"name": "VIOS",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server Liberty sans le correctif APAR PH63533",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cloud Pak System versions ant\u00e9rieures \u00e0 2.3.5.0 pour Power avec le correctif PH60195/PH61002",
"product": {
"name": "Cloud Pak System",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "AIX version 7.2 sans le correctif bind_fix27/72bind918.tar",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "VIOS version 4.1 sans le correctif bind_fix27/73bind918.tar",
"product": {
"name": "VIOS",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.26",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cloud Pak System versions ant\u00e9rieures \u00e0 2.3.4.1 pour Intel avec le correctif PH60195/PH61002",
"product": {
"name": "Cloud Pak System",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.11",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar User Behavior Analytics versions ant\u00e9rieures \u00e0 4.1.17",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "Les vuln\u00e9rabilit\u00e9s CVE-2024-47875 et CVE-2024-45801 n\u0027ont pas de correctif pour Sterling Connect:Direct Web Services versions 6.1.x et 6.2.x",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-37891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
},
{
"name": "CVE-2024-28849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28849"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2024-47831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47831"
},
{
"name": "CVE-2024-4076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4076"
},
{
"name": "CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"name": "CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"name": "CVE-2024-34351",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34351"
},
{
"name": "CVE-2024-34069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34069"
},
{
"name": "CVE-2024-1975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1975"
},
{
"name": "CVE-2024-0760",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0760"
},
{
"name": "CVE-2024-1737",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1737"
},
{
"name": "CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"name": "CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"name": "CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"name": "CVE-2024-1135",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1135"
},
{
"name": "CVE-2024-46982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46982"
},
{
"name": "CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2023-51775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
},
{
"name": "CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"name": "CVE-2024-47875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47875"
},
{
"name": "CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"name": "CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"name": "CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"name": "CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"name": "CVE-2024-34064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34064"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-22354",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22354"
},
{
"name": "CVE-2024-39689",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39689"
},
{
"name": "CVE-2023-26159",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26159"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
}
],
"initial_release_date": "2024-11-22T00:00:00",
"last_revision_date": "2024-11-22T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-1015",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-11-22T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2024-11-20",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176657",
"url": "https://www.ibm.com/support/pages/node/7176657"
},
{
"published_at": "2024-11-20",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176642",
"url": "https://www.ibm.com/support/pages/node/7176642"
},
{
"published_at": "2024-11-20",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176660",
"url": "https://www.ibm.com/support/pages/node/7176660"
},
{
"published_at": "2024-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176201",
"url": "https://www.ibm.com/support/pages/node/7176201"
},
{
"published_at": "2024-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176391",
"url": "https://www.ibm.com/support/pages/node/7176391"
},
{
"published_at": "2024-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176392",
"url": "https://www.ibm.com/support/pages/node/7176392"
},
{
"published_at": "2024-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176386",
"url": "https://www.ibm.com/support/pages/node/7176386"
},
{
"published_at": "2024-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176389",
"url": "https://www.ibm.com/support/pages/node/7176389"
},
{
"published_at": "2024-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176451",
"url": "https://www.ibm.com/support/pages/node/7176451"
},
{
"published_at": "2024-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176388",
"url": "https://www.ibm.com/support/pages/node/7176388"
},
{
"published_at": "2024-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176205",
"url": "https://www.ibm.com/support/pages/node/7176205"
}
]
}
ICSA-22-055-02
Vulnerability from csaf_cisa
Published
2022-02-24 00:00
Modified
2022-02-24 00:00
Summary
Mitsubishi Electric EcoWebServerIII
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow information to be disclosed, tampered with, or result in a denial-of-service condition.
Critical infrastructure sectors
Critical Manufacturing
Countries/areas deployed
Worldwide
Company headquarters location
Japan
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks:
Exploitability
No known public exploits specifically target these vulnerabilities.
{
"document": {
"acknowledgments": [
{
"organization": "Mitsubishi Electric",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could allow information to be disclosed, tampered with, or result in a denial-of-service condition.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Japan",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks:",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-22-055-02 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-055-02.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-22-055-02 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-055-02"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams_0905.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Mitsubishi Electric EcoWebServerIII",
"tracking": {
"current_release_date": "2022-02-24T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-22-055-02",
"initial_release_date": "2022-02-24T00:00:00.000000Z",
"revision_history": [
{
"date": "2022-02-24T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-22-055-02 Mitsubishi Electric EcoWebServerIII"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e= 3.0.0 | \u003c= 3.3.0",
"product": {
"name": "MES3-255C-CN: Versions 3.0.0 to 3.3.0",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "MES3-255C-CN"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e= 3.0.0 | \u003c= 3.3.0",
"product": {
"name": "MES3-255C-DM-CN: Versions 3.0.0 to 3.3.0",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "MES3-255C-DM-CN"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e= 3.0.0 | \u003c= 3.3.0",
"product": {
"name": "MES3-255C-DM-EN: Versions 3.0.0 to 3.3.0",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "MES3-255C-DM-EN"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e= 3.0.0 | \u003c= 3.3.0",
"product": {
"name": "MES3-255C-EN: Versions 3.0.0 to 3.3.0",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "MES3-255C-EN"
}
],
"category": "vendor",
"name": "Mitsubishi Electric"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Multiple vulnerabilities due to cross-site scripting exist in Energy Saving Data Collecting Server (EcoWebServerIII), which may result in information disclosure or information tampering of the product.CVE-2016-10735, CVE-2018-14040, CVE-2018-14042, CVE-2018-20676, CVE-2019-8331, CVE-2020-11022, and CVE-2020-11023 have been assigned to these vulnerabilities. A CVSS v3 base score of 6.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N ).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10735"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14040"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14042"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-20676"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-8331"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-11022"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-11023"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "MES3-255C-EN: Update to v3.3.1 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "MES3-255C-DM-EN: Update to v3.3.1 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "MES3-255C-CN: Update to v3.3.1 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "MES3-255C-DM-CN: Update to v3.3.1 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "To update, users of the affected versions should refer to the user manual chapter \u201c4.8.6 Version up of Main Program\u201d (Setting). The manual and Setting Software for EcoWebServerIII are available to download on the MITSUBISHI ELECTRIC FA Global Website.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.mitsubishielectric.com/fa"
},
{
"category": "mitigation",
"details": "Use a firewall, a virtual private network (VPN), etc. to prevent unauthorized access when Internet access is required.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "Use within a LAN and block access from untrusted networks and hosts through firewalls.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "For specific update instructions and additional details see the Mitsubishi Electric advisory.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-029_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability due to uncontrolled resource consumption exists in Energy Saving Data Collecting Server (EcoWebServerIII), which may result in a denial-of-service condition.CVE-2017-18214 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated for; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-18214"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "MES3-255C-EN: Update to v3.3.1 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "MES3-255C-DM-EN: Update to v3.3.1 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "MES3-255C-CN: Update to v3.3.1 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "MES3-255C-DM-CN: Update to v3.3.1 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "To update, users of the affected versions should refer to the user manual chapter \u201c4.8.6 Version up of Main Program\u201d (Setting). The manual and Setting Software for EcoWebServerIII are available to download on the MITSUBISHI ELECTRIC FA Global Website.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.mitsubishielectric.com/fa"
},
{
"category": "mitigation",
"details": "Use a firewall, a virtual private network (VPN), etc. to prevent unauthorized access when Internet access is required.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "Use within a LAN and block access from untrusted networks and hosts through firewalls.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "For specific update instructions and additional details see the Mitsubishi Electric advisory.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-029_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability due to improperly controlled modification of dynamically determined object attributes exists in Energy Saving Data Collecting Server (EcoWebServerIII), which may result in a denial-of-service condition.CVE-2020-7746 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated for; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7746"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "MES3-255C-EN: Update to v3.3.1 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "MES3-255C-DM-EN: Update to v3.3.1 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "MES3-255C-CN: Update to v3.3.1 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "MES3-255C-DM-CN: Update to v3.3.1 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "To update, users of the affected versions should refer to the user manual chapter \u201c4.8.6 Version up of Main Program\u201d (Setting). The manual and Setting Software for EcoWebServerIII are available to download on the MITSUBISHI ELECTRIC FA Global Website.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.mitsubishielectric.com/fa"
},
{
"category": "mitigation",
"details": "Use a firewall, a virtual private network (VPN), etc. to prevent unauthorized access when Internet access is required.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "Use within a LAN and block access from untrusted networks and hosts through firewalls.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "For specific update instructions and additional details see the Mitsubishi Electric advisory.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-029_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
}
]
}
icsa-22-055-02
Vulnerability from csaf_cisa
Published
2022-02-24 00:00
Modified
2022-02-24 00:00
Summary
Mitsubishi Electric EcoWebServerIII
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow information to be disclosed, tampered with, or result in a denial-of-service condition.
Critical infrastructure sectors
Critical Manufacturing
Countries/areas deployed
Worldwide
Company headquarters location
Japan
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks:
Exploitability
No known public exploits specifically target these vulnerabilities.
{
"document": {
"acknowledgments": [
{
"organization": "Mitsubishi Electric",
"summary": "reporting these vulnerabilities to CISA"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities could allow information to be disclosed, tampered with, or result in a denial-of-service condition.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Japan",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks:",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-22-055-02 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-055-02.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-22-055-02 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-055-02"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams_0905.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Mitsubishi Electric EcoWebServerIII",
"tracking": {
"current_release_date": "2022-02-24T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-22-055-02",
"initial_release_date": "2022-02-24T00:00:00.000000Z",
"revision_history": [
{
"date": "2022-02-24T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-22-055-02 Mitsubishi Electric EcoWebServerIII"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e= 3.0.0 | \u003c= 3.3.0",
"product": {
"name": "MES3-255C-CN: Versions 3.0.0 to 3.3.0",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "MES3-255C-CN"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e= 3.0.0 | \u003c= 3.3.0",
"product": {
"name": "MES3-255C-DM-CN: Versions 3.0.0 to 3.3.0",
"product_id": "CSAFPID-0002"
}
}
],
"category": "product_name",
"name": "MES3-255C-DM-CN"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e= 3.0.0 | \u003c= 3.3.0",
"product": {
"name": "MES3-255C-DM-EN: Versions 3.0.0 to 3.3.0",
"product_id": "CSAFPID-0003"
}
}
],
"category": "product_name",
"name": "MES3-255C-DM-EN"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003e= 3.0.0 | \u003c= 3.3.0",
"product": {
"name": "MES3-255C-EN: Versions 3.0.0 to 3.3.0",
"product_id": "CSAFPID-0004"
}
}
],
"category": "product_name",
"name": "MES3-255C-EN"
}
],
"category": "vendor",
"name": "Mitsubishi Electric"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10735",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Multiple vulnerabilities due to cross-site scripting exist in Energy Saving Data Collecting Server (EcoWebServerIII), which may result in information disclosure or information tampering of the product.CVE-2016-10735, CVE-2018-14040, CVE-2018-14042, CVE-2018-20676, CVE-2019-8331, CVE-2020-11022, and CVE-2020-11023 have been assigned to these vulnerabilities. A CVSS v3 base score of 6.1 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N ).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10735"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14040"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14042"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-20676"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-8331"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-11022"
},
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-11023"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "MES3-255C-EN: Update to v3.3.1 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "MES3-255C-DM-EN: Update to v3.3.1 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "MES3-255C-CN: Update to v3.3.1 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "MES3-255C-DM-CN: Update to v3.3.1 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "To update, users of the affected versions should refer to the user manual chapter \u201c4.8.6 Version up of Main Program\u201d (Setting). The manual and Setting Software for EcoWebServerIII are available to download on the MITSUBISHI ELECTRIC FA Global Website.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.mitsubishielectric.com/fa"
},
{
"category": "mitigation",
"details": "Use a firewall, a virtual private network (VPN), etc. to prevent unauthorized access when Internet access is required.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "Use within a LAN and block access from untrusted networks and hosts through firewalls.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "For specific update instructions and additional details see the Mitsubishi Electric advisory.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-029_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2018-14040",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability due to uncontrolled resource consumption exists in Energy Saving Data Collecting Server (EcoWebServerIII), which may result in a denial-of-service condition.CVE-2017-18214 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated for; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-18214"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "MES3-255C-EN: Update to v3.3.1 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "MES3-255C-DM-EN: Update to v3.3.1 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "MES3-255C-CN: Update to v3.3.1 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "MES3-255C-DM-CN: Update to v3.3.1 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "To update, users of the affected versions should refer to the user manual chapter \u201c4.8.6 Version up of Main Program\u201d (Setting). The manual and Setting Software for EcoWebServerIII are available to download on the MITSUBISHI ELECTRIC FA Global Website.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.mitsubishielectric.com/fa"
},
{
"category": "mitigation",
"details": "Use a firewall, a virtual private network (VPN), etc. to prevent unauthorized access when Internet access is required.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "Use within a LAN and block access from untrusted networks and hosts through firewalls.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "For specific update instructions and additional details see the Mitsubishi Electric advisory.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-029_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
},
{
"cve": "CVE-2018-14042",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability due to improperly controlled modification of dynamically determined object attributes exists in Energy Saving Data Collecting Server (EcoWebServerIII), which may result in a denial-of-service condition.CVE-2020-7746 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated for; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7746"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "MES3-255C-EN: Update to v3.3.1 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "MES3-255C-DM-EN: Update to v3.3.1 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "MES3-255C-CN: Update to v3.3.1 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "MES3-255C-DM-CN: Update to v3.3.1 or later",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "To update, users of the affected versions should refer to the user manual chapter \u201c4.8.6 Version up of Main Program\u201d (Setting). The manual and Setting Software for EcoWebServerIII are available to download on the MITSUBISHI ELECTRIC FA Global Website.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.mitsubishielectric.com/fa"
},
{
"category": "mitigation",
"details": "Use a firewall, a virtual private network (VPN), etc. to prevent unauthorized access when Internet access is required.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "Use within a LAN and block access from untrusted networks and hosts through firewalls.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
},
{
"category": "mitigation",
"details": "For specific update instructions and additional details see the Mitsubishi Electric advisory.",
"product_ids": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-029_en.pdf"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-0001",
"CSAFPID-0002",
"CSAFPID-0003",
"CSAFPID-0004"
]
}
]
}
]
}
gsd-2016-10735
Vulnerability from gsd
Modified
2016-07-27 00:00
Details
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2,
XSS is possible in the data-target attribute.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2016-10735",
"description": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"id": "GSD-2016-10735",
"references": [
"https://access.redhat.com/errata/RHSA-2020:5571",
"https://access.redhat.com/errata/RHSA-2020:4847",
"https://access.redhat.com/errata/RHSA-2020:4670",
"https://access.redhat.com/errata/RHSA-2020:3936",
"https://access.redhat.com/errata/RHSA-2020:0133",
"https://access.redhat.com/errata/RHSA-2020:0132",
"https://access.redhat.com/errata/RHBA-2019:4199",
"https://access.redhat.com/errata/RHSA-2019:3023",
"https://access.redhat.com/errata/RHBA-2019:1570",
"https://access.redhat.com/errata/RHSA-2019:1456",
"https://access.redhat.com/errata/RHBA-2019:1076",
"https://linux.oracle.com/cve/CVE-2016-10735.html",
"https://access.redhat.com/errata/RHSA-2023:0552",
"https://access.redhat.com/errata/RHSA-2023:0553",
"https://access.redhat.com/errata/RHSA-2023:0554",
"https://access.redhat.com/errata/RHSA-2023:0556"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "bootstrap",
"purl": "pkg:gem/bootstrap"
}
}
],
"aliases": [
"CVE-2016-10735"
],
"details": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2,\nXSS is possible in the data-target attribute.\n",
"id": "GSD-2016-10735",
"modified": "2016-07-27T00:00:00.000Z",
"published": "2016-07-27T00:00:00.000Z",
"references": [
{
"type": "WEB",
"url": "https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/"
},
{
"type": "WEB",
"url": "https://github.com/twbs/bootstrap/issues/20184"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": 4.3,
"type": "CVSS_V2"
},
{
"score": 6.1,
"type": "CVSS_V3"
}
],
"summary": "XSS vulnerability via data-target in bootstrap"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10735",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906",
"refsource": "MISC",
"url": "https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906"
},
{
"name": "https://github.com/twbs/bootstrap/pull/26460",
"refsource": "MISC",
"url": "https://github.com/twbs/bootstrap/pull/26460"
},
{
"name": "https://github.com/twbs/bootstrap/issues/20184",
"refsource": "MISC",
"url": "https://github.com/twbs/bootstrap/issues/20184"
},
{
"name": "https://github.com/twbs/bootstrap/pull/23687",
"refsource": "MISC",
"url": "https://github.com/twbs/bootstrap/pull/23687"
},
{
"name": "https://github.com/twbs/bootstrap/pull/23679",
"refsource": "MISC",
"url": "https://github.com/twbs/bootstrap/pull/23679"
},
{
"name": "https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/",
"refsource": "MISC",
"url": "https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/"
},
{
"name": "RHSA-2019:1456",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
},
{
"name": "RHBA-2019:1076",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2019:1076"
},
{
"name": "RHBA-2019:1570",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
},
{
"name": "RHSA-2019:3023",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
},
{
"name": "RHSA-2020:0132",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
},
{
"name": "RHSA-2020:0133",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
},
{
"name": "https://www.tenable.com/security/tns-2021-14",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2021-14"
}
]
}
},
"github.com/rubysec/ruby-advisory-db": {
"cve": "2016-10735",
"cvss_v2": 4.3,
"cvss_v3": 6.1,
"date": "2016-07-27",
"description": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2,\nXSS is possible in the data-target attribute.\n",
"gem": "bootstrap-sass",
"patched_versions": [
"\u003e= 3.4.0"
],
"related": {
"url": [
"https://github.com/twbs/bootstrap/issues/20184"
]
},
"title": "XSS vulnerability via data-target in bootstrap-sass",
"url": "https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/"
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003c3.4.0",
"affected_versions": "All version before 3.4.0",
"cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-79",
"CWE-937"
],
"date": "2021-07-22",
"description": "In Bootstrap, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"fixed_versions": [
"3.4.0"
],
"identifier": "CVE-2016-10735",
"identifiers": [
"CVE-2016-10735"
],
"not_impacted": "All versions starting from 3.4.0",
"package_slug": "gem/bootstrap-sass",
"pubdate": "2019-01-09",
"solution": "Upgrade to version 3.4.0 or above.",
"title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
],
"uuid": "85bbecfa-75cd-41ae-982f-9abd086ba2be"
},
{
"affected_range": "\u003c3.4.0",
"affected_versions": "All version before 3.4.0",
"cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-79",
"CWE-937"
],
"date": "2021-07-22",
"description": "In Bootstrap, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"fixed_versions": [
"3.4.0"
],
"identifier": "CVE-2016-10735",
"identifiers": [
"CVE-2016-10735"
],
"not_impacted": "All versions starting from 3.4.0",
"package_slug": "gem/bootstrap",
"pubdate": "2019-01-09",
"solution": "Upgrade to version 3.4.0 or above.",
"title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
],
"uuid": "706a4860-0665-4976-8b65-8eebd3ec8253"
},
{
"affected_range": "\u003e=3.0.0 \u003c3.4.0",
"affected_versions": "All versions starting from 3.0.0 before 3.4.0",
"cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-79",
"CWE-79",
"CWE-937"
],
"date": "2021-07-26",
"description": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"fixed_versions": [
"3.4.0"
],
"identifier": "CVE-2016-10735",
"identifiers": [
"GHSA-4p24-vmcr-4gqj",
"CVE-2016-10735"
],
"not_impacted": "All versions before 3.0.0, all versions starting from 3.4.0",
"package_slug": "npm/bootstrap",
"pubdate": "2019-01-17",
"solution": "Upgrade to version 3.4.0 or above.",
"title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"https://github.com/twbs/bootstrap/issues/20184",
"https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906",
"https://github.com/twbs/bootstrap/pull/23679",
"https://github.com/twbs/bootstrap/pull/23687",
"https://github.com/twbs/bootstrap/pull/26460",
"https://access.redhat.com/errata/RHBA-2019:1076",
"https://access.redhat.com/errata/RHBA-2019:1570",
"https://access.redhat.com/errata/RHSA-2019:1456",
"https://access.redhat.com/errata/RHSA-2019:3023",
"https://access.redhat.com/errata/RHSA-2020:0132",
"https://access.redhat.com/errata/RHSA-2020:0133",
"https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/",
"https://github.com/advisories/GHSA-4p24-vmcr-4gqj"
],
"uuid": "342cce90-f89a-4210-b51c-55ac1bf557f6"
},
{
"affected_range": "[3.0.0,3.4.0),[4.0.0]",
"affected_versions": "All versions starting from 3.0.0 before 3.4.0, version 4.0.0",
"cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-79",
"CWE-937"
],
"date": "2021-07-22",
"description": "In Bootstrap, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.",
"fixed_versions": [
"3.4.0"
],
"identifier": "CVE-2016-10735",
"identifiers": [
"CVE-2016-10735"
],
"not_impacted": "All versions before 3.0.0, all versions starting from 3.4.0 before 4.0.0, all versions after 4.0.0",
"package_slug": "nuget/Bootstrap.Less",
"pubdate": "2019-01-09",
"solution": "Upgrade to version 3.4.0 or above.",
"title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2016-10735",
"https://github.com/twbs/bootstrap/pull/26460"
],
"uuid": "36002d9b-9839-4fad-bfa0-c668b82c0166"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.4.0",
"versionStartIncluding": "3.0.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10735"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/twbs/bootstrap/pull/26460",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/twbs/bootstrap/pull/26460"
},
{
"name": "https://github.com/twbs/bootstrap/pull/23687",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/twbs/bootstrap/pull/23687"
},
{
"name": "https://github.com/twbs/bootstrap/pull/23679",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/twbs/bootstrap/pull/23679"
},
{
"name": "https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906"
},
{
"name": "https://github.com/twbs/bootstrap/issues/20184",
"refsource": "MISC",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/twbs/bootstrap/issues/20184"
},
{
"name": "https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/",
"refsource": "MISC",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/"
},
{
"name": "RHSA-2019:1456",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
},
{
"name": "RHBA-2019:1076",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHBA-2019:1076"
},
{
"name": "RHBA-2019:1570",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
},
{
"name": "RHSA-2019:3023",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
},
{
"name": "RHSA-2020:0132",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
},
{
"name": "RHSA-2020:0133",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
},
{
"name": "https://www.tenable.com/security/tns-2021-14",
"refsource": "CONFIRM",
"tags": [],
"url": "https://www.tenable.com/security/tns-2021-14"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
},
"lastModifiedDate": "2021-07-22T18:15Z",
"publishedDate": "2019-01-09T05:29Z"
}
}
}
ghsa-4p24-vmcr-4gqj
Vulnerability from github
Published
2019-01-17 13:57
Modified
2024-08-05 16:29
Severity ?
VLAI Severity ?
Summary
Bootstrap Cross-site Scripting vulnerability
Details
In Bootstrap 2.x from 2.0.4, 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute. Note that this is a different vulnerability than CVE-2018-14041.
See https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/ for more info.
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "bootstrap"
},
"ranges": [
{
"events": [
{
"introduced": "2.0.4"
},
{
"fixed": "3.4.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "bootstrap"
},
"ranges": [
{
"events": [
{
"introduced": "4.0.0-beta"
},
{
"fixed": "4.0.0-beta.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.webjars:bootstrap"
},
"ranges": [
{
"events": [
{
"introduced": "2.0.4"
},
{
"fixed": "3.4.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.webjars:bootstrap"
},
"ranges": [
{
"events": [
{
"introduced": "4.0.0-beta"
},
{
"fixed": "4.0.0-beta.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "RubyGems",
"name": "bootstrap"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.0.0-beta.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "twbs/bootstrap"
},
"ranges": [
{
"events": [
{
"introduced": "2.0.4"
},
{
"fixed": "3.4.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Packagist",
"name": "twbs/bootstrap"
},
"ranges": [
{
"events": [
{
"introduced": "4.0.0-beta"
},
{
"fixed": "4.0.0-beta.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "bootstrap"
},
"ranges": [
{
"events": [
{
"introduced": "2.0.4"
},
{
"fixed": "3.4.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "bootstrap"
},
"ranges": [
{
"events": [
{
"introduced": "4.0.0-beta"
},
{
"fixed": "4.0.0-beta.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "bootstrap-sass"
},
"ranges": [
{
"events": [
{
"introduced": "2.0.4"
},
{
"fixed": "3.4.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "RubyGems",
"name": "bootstrap-sass"
},
"ranges": [
{
"events": [
{
"introduced": "2.0.4"
},
{
"fixed": "3.4.0"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "NuGet",
"name": "bootstrap.sass"
},
"ranges": [
{
"events": [
{
"introduced": "4.0.0-beta"
},
{
"fixed": "4.0.0-beta.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2016-10735"
],
"database_specific": {
"cwe_ids": [
"CWE-79"
],
"github_reviewed": true,
"github_reviewed_at": "2020-06-16T20:58:39Z",
"nvd_published_at": "2019-01-09T05:29:00Z",
"severity": "MODERATE"
},
"details": "In Bootstrap 2.x from 2.0.4, 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute. Note that this is a different vulnerability than CVE-2018-14041.\n\nSee https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/ for more info.",
"id": "GHSA-4p24-vmcr-4gqj",
"modified": "2024-08-05T16:29:11Z",
"published": "2019-01-17T13:57:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10735"
},
{
"type": "WEB",
"url": "https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906"
},
{
"type": "WEB",
"url": "https://github.com/twbs/bootstrap/issues/20184"
},
{
"type": "WEB",
"url": "https://github.com/twbs/bootstrap/pull/26460"
},
{
"type": "WEB",
"url": "https://github.com/twbs/bootstrap/pull/23687"
},
{
"type": "WEB",
"url": "https://github.com/twbs/bootstrap/pull/23679"
},
{
"type": "WEB",
"url": "https://github.com/github/advisory-database/pull/3281"
},
{
"type": "PACKAGE",
"url": "https://github.com/twbs/bootstrap"
},
{
"type": "WEB",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap/CVE-2016-10735.yml"
},
{
"type": "WEB",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/bootstrap-sass/CVE-2016-10735.yml"
},
{
"type": "WEB",
"url": "https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0"
},
{
"type": "WEB",
"url": "https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHBA-2019:1076"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "Bootstrap Cross-site Scripting vulnerability"
}
cnvd-2019-23272
Vulnerability from cnvd
Title
Bootstrap跨站脚本漏洞(CNVD-2019-23272)
Description
Bootstrap是一款使用HTML、CSS和JavaScript开发的开源Web前端框架。
Bootstrap 3.4.0之前的3.x版本和4.0.0-beta.2之前的4.x-beta版本中的data-target属性存在跨站脚本漏洞,远程攻击者可利用该漏洞注入任意的Web脚本或HTML。
Severity
中
VLAI Severity ?
Patch Name
Bootstrap跨站脚本漏洞(CNVD-2019-23272)的补丁
Patch Description
Bootstrap是一款使用HTML、CSS和JavaScript开发的开源Web前端框架。
Bootstrap 3.4.0之前的3.x版本和4.0.0-beta.2之前的4.x-beta版本中的data-target属性存在跨站脚本漏洞,远程攻击者可利用该漏洞注入任意的Web脚本或HTML。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/
Reference
https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/
Impacted products
| Name | ['virt-bootstrap virt-bootstrap 1.1.0', 'Bootstrap Bootstrap 4.*-beta,<4.0.0-beta.2'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2016-10735",
"cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10735"
}
},
"description": "Bootstrap\u662f\u4e00\u6b3e\u4f7f\u7528HTML\u3001CSS\u548cJavaScript\u5f00\u53d1\u7684\u5f00\u6e90Web\u524d\u7aef\u6846\u67b6\u3002\n\nBootstrap 3.4.0\u4e4b\u524d\u76843.x\u7248\u672c\u548c4.0.0-beta.2\u4e4b\u524d\u76844.x-beta\u7248\u672c\u4e2d\u7684data-target\u5c5e\u6027\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6ce8\u5165\u4efb\u610f\u7684Web\u811a\u672c\u6216HTML\u3002",
"discovererName": "unknown",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2019-23272",
"openTime": "2019-07-18",
"patchDescription": "Bootstrap\u662f\u4e00\u6b3e\u4f7f\u7528HTML\u3001CSS\u548cJavaScript\u5f00\u53d1\u7684\u5f00\u6e90Web\u524d\u7aef\u6846\u67b6\u3002\r\n\r\nBootstrap 3.4.0\u4e4b\u524d\u76843.x\u7248\u672c\u548c4.0.0-beta.2\u4e4b\u524d\u76844.x-beta\u7248\u672c\u4e2d\u7684data-target\u5c5e\u6027\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6ce8\u5165\u4efb\u610f\u7684Web\u811a\u672c\u6216HTML\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Bootstrap\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff08CNVD-2019-23272\uff09\u7684\u8865\u4e01",
"products": {
"product": [
"virt-bootstrap virt-bootstrap 1.1.0",
"Bootstrap Bootstrap 4.*-beta\uff0c\u003c4.0.0-beta.2"
]
},
"referenceLink": "https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/",
"serverity": "\u4e2d",
"submitTime": "2019-01-11",
"title": "Bootstrap\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff08CNVD-2019-23272\uff09"
}
fkie_cve-2016-10735
Vulnerability from fkie_nvd
Published
2019-01-09 05:29
Modified
2024-11-21 02:44
Severity ?
Summary
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://access.redhat.com/errata/RHBA-2019:1076 | ||
| cve@mitre.org | https://access.redhat.com/errata/RHBA-2019:1570 | ||
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:1456 | ||
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2019:3023 | ||
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2020:0132 | ||
| cve@mitre.org | https://access.redhat.com/errata/RHSA-2020:0133 | ||
| cve@mitre.org | https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/ | Release Notes, Third Party Advisory | |
| cve@mitre.org | https://github.com/twbs/bootstrap/issues/20184 | Exploit, Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://github.com/twbs/bootstrap/pull/23679 | Third Party Advisory | |
| cve@mitre.org | https://github.com/twbs/bootstrap/pull/23687 | Patch, Third Party Advisory | |
| cve@mitre.org | https://github.com/twbs/bootstrap/pull/26460 | Third Party Advisory | |
| cve@mitre.org | https://www.tenable.com/security/tns-2021-14 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHBA-2019:1076 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHBA-2019:1570 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:1456 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2019:3023 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2020:0132 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2020:0133 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/ | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/twbs/bootstrap/issues/20184 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/twbs/bootstrap/pull/23679 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/twbs/bootstrap/pull/23687 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/twbs/bootstrap/pull/26460 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/tns-2021-14 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| getbootstrap | bootstrap | * | |
| getbootstrap | bootstrap | 4.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8497B424-E8CC-4FEF-844B-FE33F2C18E6E",
"versionEndExcluding": "3.4.0",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "C5E15817-0A5D-4C30-9A3C-F85F275E78DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041."
},
{
"lang": "es",
"value": "En las versiones de Bootstrap anteriores a la 3.4.0 y en las 4.x-beta anteriores a la 4.0.0-beta.2, Cross-Site Scripting (XSS) es posible en el atributo \"data-target\". Se trata de una vulnerabilidad diferente de CVE-2018-14041."
}
],
"id": "CVE-2016-10735",
"lastModified": "2024-11-21T02:44:37.590",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-09T05:29:00.883",
"references": [
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHBA-2019:1076"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/twbs/bootstrap/issues/20184"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/twbs/bootstrap/pull/23679"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/twbs/bootstrap/pull/23687"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/twbs/bootstrap/pull/26460"
},
{
"source": "cve@mitre.org",
"url": "https://www.tenable.com/security/tns-2021-14"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHBA-2019:1076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHBA-2019:1570"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2019:1456"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2019:3023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2020:0132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2020:0133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://blog.getbootstrap.com/2018/12/13/bootstrap-3-4-0/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/twbs/bootstrap/issues/20184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/twbs/bootstrap/issues/27915#issuecomment-452140906"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/twbs/bootstrap/pull/23679"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/twbs/bootstrap/pull/23687"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/twbs/bootstrap/pull/26460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.tenable.com/security/tns-2021-14"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…